Site icon Chainstack

Chainstack achieved ISO/IEC 27001 certification

Iso 1 logo

We’re proud to announce that as of this month, Chainstack has officially achieved ISO/IEC 27001 certification! We received the final Stage 2 audit report and certificate from our long-term compliance partner A-LIGN, closing out a process we committed to publicly earlier this year.

Paired with the SOC 2 Type II certification we earned in December 2025, Chainstack is now one of a small number of blockchain infrastructure providers that can hand an enterprise compliance team both audit reports on the first ask.

What ISO/IEC 27001 actually certifies

ISO/IEC 27001 is the international standard for information security management. Unlike SOC 2, which attests that a defined set of controls operated effectively over a period of time, ISO 27001 certifies that an organization has built and continues to operate a full Information Security Management System (ISMS) — a governed, risk-driven program spanning policies, people, processes, and technology, aligned to the Annex A control set of the 2022 revision of the standard.

In practice, the audit examined how Chainstack:

The certification was issued by A-LIGN, an ISO/IEC 27001 certification body accredited by the ANSI National Accreditation Board (ANAB) and the United Kingdom Accreditation Service (UKAS). For readers who want the deeper background on how SOC 2 Type II and ISO 27001 map to institutional due diligence for Web3, our earlier piece on SOC 2 Type II and ISO 27001 for blockchain infrastructure walks through it in detail.

Why we did this

“With ISO 27001 now in place alongside Chainstack’s SOC 2 Type II compliance, Chainstack covers the two audit-backed standards regulated teams expect from blockchain infrastructure. Customers get evidence they can take straight into their own risk process.”

Eugene Aseev, Founder, Chainstack

Chainstack customers include wallets, exchanges, custodians, tokenization platforms, oracle networks, and a growing set of regulated financial institutions building on public and permissioned chains. For every one of them, the vendor security review is a real gate. Dual certification (SOC 2 Type II + ISO 27001) is what gets you through it.

Getting through that gate on the first ask matters. It’s the difference between a two-week procurement cycle and a six-month one.

A-LIGN, who conducted the audit, added:

“Congratulations to Chainstack for earning ISO/IEC 27001 certification, a widely recognized signal of trust and security. It’s great to work with organizations like Chainstack, who understand the value of expertise in driving an efficient audit and the importance of a high-quality final report.”

Steve Simmons, COO, A-LIGN

What this means for you

If you’re a Chainstack customer, nothing changes operationally — the controls audited under ISO 27001 are the ones we’ve been operating against all along. What does change is what your security, risk, and procurement teams can now do with that:

If you’re evaluating Chainstack and want the reports, reach out to your account team or contact us — we’ll get them to your compliance reviewer the same day.

What’s next

Compliance is a program, not a milestone. ISO 27001 doesn’t end the security work — it puts an independent auditor’s stamp on the fact that the work is real and continuous.

Together with SOC 2 Type II, it confirms that Chainstack meets the audit standard regulated teams already require from the rest of their infrastructure stack.

If you’re building stablecoin rails, RWA tokenization, custody, exchange infrastructure, DeFi, or AI-driven trading on Ethereum, Solana, BSC, Base, Arbitrum, or any of the 70+ networks we support, you can now do it on infrastructure your compliance team can sign off on.

Create a Chainstack account and deploy your nodes on audited infrastructure.

Welcome to the next level of secure Web3 building with Chainstack! 💙

Exit mobile version