Memotiva CISSP Flashcards: Security Assessment, Penetration Testing, Vulnerability Management

What is the difference between SOC 1, SOC 2, and SOC 3 reports?

Nortren

SOC reports are attestation reports produced by independent auditors under the AICPA framework. SOC 1 evaluates controls relevant to financial reporting, used when a service organization affects a client's financial statements. SOC 2 evaluates controls related to security, availability, processing integrity, confidentiality, and privacy, and is the standard report requested by enterprise customers evaluating cloud providers. SOC 3 contains the same information as SOC 2 but in a general-use summary format suitable for public distribution. Type I reports assess controls at a point in time.
csrc.nist.gov