Helius Receives SOC 2 Type II Certification

We are proud to announce that we have successfully completed a System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba LLP. Our report did not have any noted exceptions and was therefore issued with a “clean” audit opinion from Sensiba.

To request a copy of our SOC2 certification and view other security reports, visit our Trust Center.

Why Security Matters

Our mission is to increase the economic potential of the world's developers with crypto.

We are rebuilding the global financial system and realizing the vision of internet capital markets.

To onboard the world’s largest financial institutions to Solana, infrastructure and staking providers must be able to meet the strict compliance needs required by these enterprise companies.

As Solana’s largest validator and top development platform, the Solana ecosystem trusts our systems to be secure and compliant with today’s data security standards. Running validators, RPC nodes, and maintaining data streaming APIs are all mission critical services for Solana app developers, overall network performance, and ecosystem security. Given their importance, we hold ourselves to the highest standards and operational integrity.

Completing our SOC2 certification not only signals our existing controls and compliance, but more importantly it signals our continued commitment to the long-term health of Solana stakers, developers, and the Solana network.

What SOC 2 Compliance Means

Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 information security audit provides a report on how we handle security, availability, processing integrity, confidentiality, and privacy. A SOC 2 Type II report describes our internal systems, whether our controls meet the relevant standards, and assesses the effectiveness of those controls over a specified period of time.

Passing a SOC 2 Type 2 audit validates that our systems and processes have been thoroughly reviewed by an independent, 3rd-party accounting firm and deemed effective at protecting your data.

Our commitment to data security is underscored by encrypting all user data, having well-defined disaster recovery and incident response plans, regular penetration testing, vulnerability scans, and comprehensive cybersecurity insurance.

We also require mandatory two-factor authentication (2FA) across all systems, use comprehensive endpoint detection via SentinelOne, manage work devices through Rippling’s MDM, and use Vanta for continuous visibility into access controls and compliance.

Lastly, we've reviewed and completed all of the necessary assessments for each of our vendors, ensuring a secure tech stack.

This certification assures stakers, startups building on our platform, and the broader Solana ecosystem that we follow security best practices.

To request any of our security resources, visit our Trust Center.

Report a Security Issue

If you discover a security vulnerability with any of our systems, please report it to our team at security@helius.xyz.