SOC 2 Type II evidence for the AI section.

Every Type II audit in 2026 includes a meaningful question about how your AI features isolate tenant data. Auditors want evidence, not architecture diagrams. Sectum AI produces a control-mapped, tamper-evident attestation your auditor accepts as testing coverage of CC6.1 (logical access), CC6.6 (boundary protection), and CC6.7 (segregation) on your AI surfaces.

Start an engagement    Scoped per audit cycle

The gap auditors are flagging

Your audit-readiness platform (Vanta, Drata, Secureframe) collects cloud-config screenshots, identity-provider policies, and code-review artifacts. None of that says anything about whether your RAG pipeline leaks tenant A's data into tenant B's session. Auditors are increasingly asking, and the standard answer — “each tenant has its own namespace” — is not testing coverage. It is an assertion.

Sectum AI closes that gap with actual measurement: a marker substrate, a probe suite, and a tamper-evident PDF that the auditor maps directly to the relevant Trust Services Criteria.

What plugs into your audit

CC6.1 — Logical access

Class 1 (direct tenant boundary fetch) and Class 11 (erasure verification) findings tie directly to logical-access control effectiveness on the AI surfaces.

CC6.6 — Boundary protection

Class 2 (organic entity-bleed RAG) and Class 4 (semantic-cache contamination) findings demonstrate whether boundary protection holds against benign cross-tenant traffic.

CC6.7 — Data segregation

Class 7 (MCP confused-deputy), Class 8 (memory contamination), Class 9 (LoRA adapter bleed), Class 10 (IKEA extraction) findings demonstrate whether data segregation holds at the model, tool, and memory layers.

Independent verification

Anyone — your auditor, the customer's reviewer, a regulator — runs sectum-ai verify and validates the chain end-to-end without trusting us. Mutating any field makes verify exit 4.

How the engagement runs

  1. Scoping (30 min call). We collect the configuration of your AI surfaces in audit scope and confirm which Trust Services Criteria the pack will map to.
  2. Substrate + probe runs (3-5 days). We provision synthetic tenants, plant cryptographic canary markers, run the probe suite, and produce per-surface verdicts.
  3. Audit-pack delivery (day 7). You receive the SOC 2 Tenant Isolation Evidence Pack: the PDF (with the control-mapping appendix), the evidence.json, the in-toto envelope, the RFC 3161 timestamp token, and VERIFY.md.
  4. Auditor walk-through (optional). We join a call with your audit-firm team to walk through the methodology and answer methodology questions in real time.

What we attest, what we don't

The control mappings on the pack are assertions of test coverage, not legal certification, and they do not replace your auditor's opinion. They give your auditor the artifact they need to mark the AI-relevant controls as tested. The audit opinion remains your auditor's.

Sectum AI is not a SOC 2 readiness platform. We do not maintain your controls catalog, collect cloud-config evidence, or manage your vendor risk register. We produce one piece of evidence that plugs into one specific corner of your audit.

Engagement

Scoped per audit cycle based on the number of AI surfaces in scope and the depth of control-mapping customisation — an engagement against a 4-surface stack is lighter than a full-stack one. Start an engagement for a quote.

Start an engagement See engagements