Today, we're proud to share that Diaflow has officially achieved SOC 2 Type 2 certification.
This isn't a checkbox. It's not a sales slide. It's the result of months of rigorous work: auditing our systems, hardening our controls, and proving to an independent third party that we operate at the standard enterprises deserve.
For our customers, this means one thing: you can trust us with your workflows, your data, and your business.
What SOC 2 Type 2 Actually Means
There are two levels of SOC 2 compliance. Type 1 is a point-in-time snapshot: it says "on this date, your controls exist." Type 2 is the harder one. It says "over an extended observation period, your controls worked, consistently, every single day."
SOC 2 Type 2 evaluates five Trust Service Criteria:
- Security: Are systems protected against unauthorized access?
- Availability: Is the platform reliably accessible?
- Processing Integrity: Is data processed completely and accurately?
- Confidentiality: Is sensitive information protected?
- Privacy: Is personal data handled responsibly?
An independent auditor observed Diaflow across all of these dimensions over a sustained period. We passed.
Why We Pursued This
We built Diaflow for teams that run real work on real AI agents. That means connecting to production databases, processing customer data, automating internal workflows, and integrating with the tools companies live in every day.
That kind of access demands a level of security posture that can't just be claimed. It has to be demonstrated.
When enterprise customers, procurement teams, and security reviewers come to us and ask "can we trust your platform with sensitive data?", we can now answer with a certified, audited yes.
We've heard it from our customers: security is the first conversation, not the last. SOC 2 Type 2 lets us have that conversation from a position of proof.
What We Built Along the Way
Earning this certification required us to go deep into every layer of how Diaflow operates:
Access Controls: We implemented strict role-based access controls across our infrastructure, ensuring that the right people access the right systems, with full audit trails.
Encryption: All data is encrypted in transit and at rest. Customer workflow data, credentials, and integrations are protected at every layer.
Incident Response: We formalized our incident response processes, including detection, escalation, and resolution protocols that can withstand independent scrutiny.
Vendor Management: We audited every third-party service in our stack to ensure our security posture extends across our entire supply chain.
Monitoring & Logging: Continuous monitoring and centralized logging mean that anomalies are caught fast, and our audit trail is always intact.
This work made Diaflow a more secure, more resilient, and more mature platform. Our customers benefit from all of it.
For Our Enterprise Customers
If you're in the process of vendor evaluation, security review, or procurement approval, our SOC 2 Type 2 report is available on our security portal. Visit trust.delve.co/diaflow to request access, or reach out to your account team directly.
For teams already building on Diaflow: nothing changes in how you use the platform. Everything gets stronger underneath.
What Comes Next
SOC 2 Type 2 is a milestone, not a destination. We're already working toward the next phase of our compliance roadmap, including HIPAA and ongoing GDPR alignment, because our customers operate across industries and geographies that each carry their own requirements.
We're also continuing to invest in our enterprise security features: SSO, audit logs, data residency controls, and advanced permission management. Security isn't a product feature we ship once. It's infrastructure we maintain and improve every quarter.
A Word to the Team
This achievement belongs to every person on the Diaflow team. The engineers who instrumented our systems. The ops team who documented every process. Everyone who treated security not as overhead, but as a core part of what we ship.
Building an AI-native platform that enterprises can trust is one of the hardest things we do. You proved we can do it.
Diaflow is the AI-native workflow automation platform built for teams who move fast and can't afford to compromise on security. Automate complex workflows, deploy multi-agent systems, and integrate with your entire stack, with enterprise-grade controls built in from day one.