- Agent IAM treats each agent as a governed identity
- Allowed models / actions / environments per identity
- Expired or off-allow-list access fails closed (403)
- RBAC scopes who can change controls and policies
Bring AI agents inside your SOC 2 boundary.
SOC 2 is the AICPA attestation that a service organization's controls meet the Trust Services Criteria — Security, Availability, Processing Integrity, Confidentiality, and Privacy. When agents take real actions on customer data, they extend your control boundary. Cortex makes that boundary enforceable: scoped identities, change management, fail-closed access controls, and a tamper-evident audit trail the auditor can test.
Aligned with AICPA Trust Services Criteria · CC + A + PI + C + P
SOC 2 (AICPA Trust Services Criteria), in plain language.
A SOC 2 report is an attestation from an independent CPA firm that your controls are suitably designed (Type I) and operating effectively over a period (Type II). It is organized around the Trust Services Criteria: the Common Criteria (security, CC1-CC9), plus Availability, Processing Integrity, Confidentiality, and Privacy as applicable. SOC 2 is not a checklist you pass once — it is a continuous control program an auditor samples. Agents that read and write customer data sit squarely inside that program. Cortex contributes the access, change-management, monitoring, and logging controls for the agent layer, and — uniquely — makes the audit log itself tamper-evident so the integrity of your evidence is provable.
applies to ▸ United States · service organizations · Trust Services Criteria
Each requirement becomes an enforced, recorded control.
The Common Criteria turn on access control, change management, monitoring, and audit logging. Cortex enforces each at the agent layer and seals the resulting evidence so a Type II sample finds operating controls.
- Hash-chained Trust Ledger logs every gate verdict
- verifyChain proves the audit log was not altered
- Control Tower surfaces live anomalies and denials
- Signed receipts as offline-verifiable evidence
- Policy-as-Code changes simulated before they ship
- Golden policy tests gate changes against regression
- Versioned ontology with draft / publish / rollback
- Reliability score gates which agent versions publish
- DLP screens data in and out of every tool call
- Ontology property-level permissions restrict fields
- Tenant isolation keyed on (tenantId, id) everywhere
- Retention windows you set, with proof of deletion
- Action Fabric: dry-run → propose → approve → execute
- Compensation / rollback for executed actions
- Evaluation suites benchmark output quality
- Datapoint provenance proves outputs trace to sources
From a written obligation to provable evidence.
Every obligation reduces to a fail-closed runtime gate whose verdict lands in a tamper-evident ledger you can hand an examiner. This is the table a Compliance Pack exports for this framework.
| Obligation | Enforced Cortex control | Ledger evidence |
|---|---|---|
| CC6 — logical & physical access controls | Agent IAM + RBAC | 403 on restricted read |
| CC7 — system monitoring & incident detection | Trust Ledger + Control Tower | verifyChain ▸ ok:true |
| CC8 — change management | Policy simulate + golden tests | passed/total before ship |
| Availability — resilience & recovery | Cost caps + kill switch + SLAs | 402 over budget |
| Processing integrity — complete, accurate, authorized | Action Fabric lifecycle | executed · compensated |
| Records are complete & tamper-evident | Signed receipts, sealed chain | hashOk:false flags edits |
One-click evidence export, straight from the Trust Ledger.
A SOC 2 Type II auditor samples evidence across the period to test that controls operated. A Compliance Pack maps the Trust Services Criteria to their Cortex controls and exports the sealed run records — and because the ledger is hash-chained, the integrity of the evidence itself is provable.
- The SOC 2 control map, generated — not assembled by hand
- Sealed run records you can verifyChain offline
- Datapoint provenance: every fact threads back to its source
- Honest by construction — evidence is generated, never asserted
The SOC 2 verdicts you'll see in the demo.
These are not slideware promises — they are the literal codes and receipts the runtime returns when you challenge it against this framework's controls.
Three steps from SOC 2 on paper to provable.
- 01
Map
Pick SOC 2. Cortex lines each obligation up against the runtime gate that enforces it — no spreadsheet archaeology.
- 02
Enforce
Every agent run passes the same fail-closed gates. A denied control returns a real code (402 / 403 / 409) — never a silent pass.
- 03
Prove
Export a Compliance Pack: the mapping table plus the sealed ledger records that show each control fired, verifiable offline.
Aligned with — never certified-claimed
SOC 2 is an attestation issued by an independent CPA firm about a specific organization and period. Cortex is aligned with the Trust Services Criteria and supplies controls and tamper-evident evidence for the agent layer; the report is issued to your organization, not to Cortex.
The Cortex capabilities that satisfy this framework.
Each obligation above is enforced by a real capability in the runtime. Explore the ones that do the work for this framework.
Map the rest of your regulatory surface.
The same enforced controls and one-click evidence export cover the other frameworks your auditors cite.
ISO/IEC 42001
Aligned with ISO/IEC 42001: an AI management system with policies, roles, records, and continual improvement — evidence exported one-click..
HIPAA
Aligned with HIPAA: access controls, audit controls, minimum-necessary use, and a tamper-evident PHI access trail..
NIST AI RMF
Aligned with the NIST AI Risk Management Framework: Govern, Map, Measure, and Manage — with documented, exportable evidence..
All frameworks
The full compliance hub — every framework Cortex maps to, with the shared control-to-evidence model.
Built for the frameworks your auditors already cite.
The sealed ledger, signed receipts, and lineage graph map to the obligations across every regime you report against — aligned with, never claiming a certification you don't hold.
Turn SOC 2 from a burden into a button.
See how Cortex maps SOC 2 to enforced controls and exports auditor-grade evidence on demand.