At Benchling, trust is part of our DNA. Maintaining the highest levels of security, data privacy, and compliance is essential to our commitment to customers.

SOC 2 Type 2

Benchling underscores its commitment to Security with its achievement of SOC 2 Type 2. This affirms Benchling's focus on offering best-in-class security and information privacy to protect its global biotech customer base.


We employ a security-by-design approach to protecting your data that applies to every aspect of how we develop and maintain our products.
  • Product

    Benchling embeds security in the Software Development Life Cycle and provides robust admin controls to give you greater visibility and control over your data with features like SSO and IP range restrictions.
  • Operation

    Benchling’s security team continuously implements new controls and maintains an active posture in regard to threat detection, disaster recovery, and business continuity plans.
  • Organization

    Benchling maintains an ISO 27001 certification, a SOC 2 Type 2 attestation, and is audited annually by independent third-party experts to confirm adherence to high industry standards.

Security documentation

  • 43.svg

    Security white paper

    Benchling considers its commitment to protecting customer data as central to its mission and it employs the most advanced security and privacy measures for data protection.
  • icon-privacy.svg

    Information security policy

    Benchling's information security policy is designed to ensure the confidentiality, integrity, and availability of customer data.


We certify our products against the strictest industry standards and help you meet compliance requirements through our solutions.
  • Certifications

    Benchling’s security and privacy programs are certified under ISO/IEC 27001:2013 and EU-US Data Privacy Framework (DPF) Program. Benchling also maintains a SOC 2 Type 2 attestation.
  • Regulations

    Benchling has been built for compliance with FDA 21 CFR Part 11, Annex 11 and EPA regulations for operating in a regulated (GxP) environment.
  • Regional Standards

    Benchling aligns to crucial regional cybersecurity and privacy standards such as NIST, C5, GDPR, NCSC and CCPA.


We have aligned our practices with the EU-US Data Privacy Framework (DPF) Program, GDPR, and CCPA regulations.
  • Data protection

    Benchling protects your data at rest and in transit using AES 256-bit encryption and TLS encryption 1.2 or higher, respectively.
  • Data governance

    Benchling offers complete ownership and control over your data export, edit, retention, and storage.
  • Transparency

    Benchling practices a Zero Trust policy. Access to systems is restricted requiring multiple security attributes assigned to each user and multi-factor authentication is required in order to access any of the company’s IT services.