API7.ai Achieves SOC 2 Type 1 Compliance

Yilia Lin

Yilia Lin

March 1, 2023


API7.ai always keeps customer data security a considerable responsibility and a top priority. Today, we are proud to announce that we are going one step further in improving data security and privacy: API7.ai has achieved SOC (System and Organization Controls) 2 Type 1 certification, made by EY (Ernst & Young).

The report shows that the internal control process of API7.ai and its products API7 Cloud and API7 Enterprise has met the trusted service standards proposed by the American Institute of Certified Public Accountants (AICPA) regarding security, availability, and confidentiality and can provide reliable security guarantees and services for global customers.

API7.ai recently announced the open registration of cloud products that support multi-cloud and hybrid-cloud API management, providing enterprise users with a unified, cloud-vendor-independent API management platform. Data security and privacy protection are essential parts of Cloud products. API7.ai has established a comprehensive management system to ensure that products and services meet relevant standards and provide customers with comprehensive protection.

SOC 2 Type 1 Report

According to the American Institute of CPAs (AICPA),

A SOC 2 examination is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy. Type 1 is on management’s description of a service organization’s system and the suitability of the design of controls.

These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to the security, availability, and processing integrity of the systems. These reports can play an important role in:

  • Oversight of the organization
  • Vendor management programs
  • Internal corporate governance and risk management processes
  • Regulatory oversight

To request the report, please contact us here.

About API7.ai

API7.ai is an open-source infrastructure company that empowers API management and analysis. It provides various products and solutions for microservices and real-time traffic processing, such as API Gateway, Kubernetes Ingress, and Service Mesh.

Built on Apache APISIX, the top Apache open-source project donated to Apache Software Foundation by API7.ai, the enterprise-level API7 solutions provide more advanced capabilities to meet the core requirements of enterprise users: multi-cluster, multi-tenant, permission configuration, version management, auditing, statistical reports, etc.

API7 solutions are widely used by hundreds of companies across the internet, financial, blockchain, manufacturing, retail, and IoT industries. For example, Zoom, Amber Group, Airwallex, Lotus, iQIYI, vivo, Hyperchain, etc.

Our Ongoing Commitment to Data Security

The data security and protection of our users is critical to the mission of API7.ai. We will continue to refine the security control process, thus providing more secure and reliable services to users.

If you want to learn more about our security and data privacy strategy, please reach out to discuss with us in more detail.

Data SecuritySOC 2