Gatsby has achieved SOC 2 Type 2 certification, meeting the AICPA Trust Services Criteria for Security, Availability, and Confidentiality, following a rigorous evaluation process from October 2021 to March 2022. This certification demonstrates Gatsby's commitment to IT security and data protection, with the implementation of a robust cybersecurity program that includes continuous vulnerability patching and regular penetration testing, aided by compliance partner Laika. While proud of this achievement, Gatsby emphasizes that compliance is not the entirety of security and continues to enhance its security measures beyond SOC 2 requirements by architecting its services to securely segment and isolate customer data, conducting quarterly incident response exercises, and offering educational resources to its community. The ongoing efforts aim to provide a dependable development environment and empower developers to create secure web applications using Gatsby.