Explore the intricacies of SOC 2 audits in this informative 46-minute conference talk from BSidesLV 2021. Delve into the different types of SOC 2 audits, their importance for organizations, and the distinction between audits and assessments. Learn about the SOC 2 rules, including availability, confidentiality, and privacy principles, as well as the Trust Services Criteria. Gain insights into example controls, such as policies, access control, security basics, patching updates, risk management, and security incidents. Compare SOC 2 audits with SOC 1 audits, and understand the scope and reporting process of SOC 2 audits. Discover what to look for in SOC 2 controls, explore GRC platforms and automation tools, and get a glimpse into the future of SOC 2 compliance. Perfect for security professionals and those interested in understanding the complexities of security audits and compliance.