15-second summary
After completing Systems and Organization Controls (SOC) 2 Type 1, Feedly has completed its SOC 2 Type 2 examination, verified by A-LIGN. The audit confirms that Feedly’s controls for security, availability and privacy operated effectively throughout the test period. For CTI teams and security organizations that rely on Feedly with their intelligence workflows, it’s formal, audited proof that those controls work.
overview
Security teams rely on Feedly to perform their most sensitive tasks like tracking threat actors, monitoring vulnerabilities, and surfacing intelligence that informs real organizational decisions. That belief has always driven how we build and operate. SOC 2 Type 2 makes it audible.
What is SOC 2 type 2?
SOC 2 is an examination framework established by the American Institute of Certified Public Accountants (AICPA). It evaluates whether a company’s systems and controls reliably protect customer data across five trust service categories: security, availability, processing integrity, confidentiality, and privacy.
Type 2 is the harder bar. Type 1 audit confirms that controls are in place at one point in time. Type 2 confirms that those controls operate effectively over an extended period. In our case, we were already Type 1 verified and are now verified for Type 2 by A-LIGN, the leading cybersecurity compliance auditor trusted by over 4,000 global organizations.
What’s included in our audit
Our SOC 2 Type 2 report includes three trust service categories for Feedly systems:
- Security: Protecting the system from unauthorized access, both physical and logical
- Availability: Ensuring that the system is available for operation and use as committed
- Privacy: Protecting information considered confidential
The examination period ran from January 1, 2026 to March 31, 2026 and the report was released on April 20, 2026.
Why does this matter to CTI teams?
Organizations using Feedly Threat Intelligence are often in industries where data security is a necessity. Financial institutions, government contractors, healthcare organizations and critical infrastructure teams operate under strict compliance mandates. Their procurement and legal teams need documented proof that the equipment in their environment meets the standard.
SOC 2 Type 2 gives your security and compliance teams something tangible: an independent, audited report that documents how Feedly protects your data. This removes a friction point from the procurement process and gives internal champions a clear answer when IT or InfoSec asks “How do we know Feedly is secure?”
Security has been fundamental to how we built Feedly from the beginning. SOC 2 Type 2 is the formal validation of that commitment, not only for our current customers, but for every security team that evaluates whether Feedly belongs in their stack.
what comes next
SOC 2 Type 2 is an ongoing commitment. This requires annual re-examination, which means our controls are continuously monitored. As Feedly grows with new integrations, new AI capabilities, new enterprise customers, SOC 2 gives us a structured way to ensure security keeps pace with every change we send our way.
access reports
If you are a Feedly customer and need a copy of our SOC 2 Type 2 Report for your security review or procurement process, contact your Account Executive to download the full report.
If you’re evaluating Feedly for your organization and want to learn more about our security posture and features, contact our team at: sales@feedly.com
Try Feedly Threat Intelligence
Access customized intelligence from Signal in minutes.
Get started for free

questions to ask
SOC 2 Type 2 is an independent audit that confirms that a company’s security controls were not only properly designed but were actually working effectively over a set period of time. It is issued under the AICPA’s Trust Services Criteria framework and is widely recognized as the gold standard for cloud and SaaS security compliance.
What is the difference between SOC 2 Type 1 and Type 2?
Type 1 reports confirm that security controls are in place and at the same time appropriately designed. The Type 2 report goes further because it verifies that those controls operated consistently and effectively over an extended period. Type 2 is the more severe of the two.
What trust service categories does Feedly’s SOC 2 cover?
Feedly’s SOC 2 Type 2 report includes three categories: security, availability, and privacy. These explain how we protect systems from unauthorized access, maintain uptime commitments and handle confidential information.
What period does Feedly’s SOC 2 Type 2 report cover?
The examination period is from January 1, 2026 to March 31, 2026. The report was released on April 20, 2026.
Who conducted the SOC 2 audit of Feedly?
The audit was conducted by A-LIGN, an independent cybersecurity compliance firm that is trusted by over 4,000 organizations globally and is the number one company to issue SOC 2 reports.
How do I request a copy of Feedly’s SOC 2 report?
The full report is available to clients and prospects under NDA. If you are a current customer, contact your account team. If you’re evaluating Feedly, contact us here and mention that you’d like to review the report.
Is Feedly SOC 2 suited for enterprise use?
Yes. Feedly’s SOC 2 Type 2 test confirms that the Feedly Threat and Market Intelligence System meets enterprise-grade security, availability and privacy standards, making it suitable for use in regulated industries including financial services, healthcare, government contracting and critical infrastructure.
Does Feedly renew its SOC 2 Type 2 exam?
Yes. SOC 2 Type 2 is not a one-time test, it requires ongoing audits to maintain. Feedly is committed to continued compliance and will renew the exam annually.
