If you're running production workloads against GetBlock's RPC endpoints, here's an infra update worth knowing about: GetBlock has completed its SOC 2 Type II audit.
For teams building on top of third-party RPC infrastructure, this is one of the few external, independently verified signals you get about whether a provider's security and operational practices actually hold up in production, not just on a docs page.
Type I vs Type II, quickly
SOC 2 (System and Organization Controls 2) is an AICPA auditing framework built around five Trust Services Criteria: Security (the mandatory baseline), Availability, Processing Integrity, Confidentiality, and Privacy.
- Type I checks whether controls are designed correctly at a single point in time.
- Type II checks whether those controls actually operated effectively over an extended window, usually 3-12 months.
GetBlock went from Type I to Type II in under 4 months, audited by Atom Assurance (SOC/ISO/GDPR/PCI specialists). That is a fast turnaround, and it generally means the control framework being tested was already part of normal operations, not something spun up for the audit.
What was actually tested
Atom Assurance evaluated both the design and the operating effectiveness of GetBlock's security and operational controls across the full observation period. Not a snapshot, but continuous behavior over months. The process was led internally by Dmitrii Petrov, GetBlock's Lead Tech PM.
Why this matters if you're building on GetBlock
- Availability claims now have an external check. Availability is one of the five audited criteria, not just a number on a status page.
- Security posture is independently verified, not self-reported.
- Your own vendor reviews get shorter. If you're shipping to enterprise or regulated customers, a SOC 2 Type II report from your RPC provider answers a large chunk of the security questionnaire your customers or compliance team will eventually ask you to fill out.
- Compliance is ongoing, not a badge. GetBlock has to keep operating to audited standards continuously to stay compliant, not just pass once and move on.
Where the attestation applies
The SOC 2 Type II scope covers GetBlock's full infrastructure stack:
- Shared Nodes: multi-tenant access across 130+ blockchains, with compute unit limits recently raised by up to 75%
- Dedicated Nodes: single-tenant performance
- Limitless Node: fixed-RPS plan, no compute unit caps
- TRON Energy Rental
- Crypto Wallet Audit stack (Wallet Risk, Wallet Audit, Rug Pull Checker)
It also covers GetBlock's security integrations: the Glider Token Risk API for on-chain token and contract risk signals, and the Hexens Builder Support Program, which gives early-stage teams access to security tooling before their first formal audit.
Getting the report
If you need the actual SOC 2 Type II report for your own vendor due diligence or security questionnaire, GetBlock will share it under NDA.


Top comments (0)