What is a SOC 3? You can think of a SOC 3 report as a redacted SOC 2 report; the SOC 3 report summarizes the material of a SOC 2 report, but it excludes details of the testing that was performed and those tests’ results. A SOC 2 report must have been written to receive a SOC 3 report.
SOC 3 reports can be posted on your website, while SOC 2 reports can only be shared with an NDA.
Read more about SOC 2 reports here.