Cabrella has achieved SOC 2 Type II certification, attested by Prescient Security in accordance with AICPA standards for SOC for Service Organizations (SSAE 18).

SOC 2 Type II is not a checkbox. It is an independent audit of how a company actually handles data, not just whether the right policies exist on paper, but whether they are operating as designed, consistently, over time. Type II certification requires sustained evidence of controls in practice, which is what distinguishes it from a point-in-time assessment.

Shipping insurance operates in a data-intensive environment. Every shipment that moves through Cabrella's platform carries with it a range of sensitive information: shipper and recipient details, declared values, order histories, claims records, and in many cases, the kind of high-value transaction data that makes accurate handling a legal obligation, not just a best practice. Insurance is a heavily regulated industry, and the businesses that rely on Cabrella — enterprise shippers, e-commerce operators, and logistics providers — are themselves subject to data protection requirements that extend to the vendors they work with.

For those clients, SOC 2 Type II certification is confirmation that the controls governing how Cabrella receives, stores, and processes that data have been independently tested and verified to be functioning as designed, not once, but over a sustained period of time. That is the standard the certification requires, and it is the standard Cabrella's clients should expect from any partner handling sensitive operational data on their behalf.

The audit was conducted by Prescient Security, an AICPA-accredited firm specializing in information security assessments.

‍