Security Center
Benchling provides cloud-native software solutions for life sciences research and development (R&D). These products are trusted by hundreds of global companies that operate in highly regulated industries, including biopharmaceuticals, vaccines, agricultural products, and industrial biotechnology. Customers utilize Benchling’s systems to securely store and process critical data pertaining to the design and development of advanced life science products. Because Benchling considers its commitment to protecting customer data as central to its mission, the company employs the most advanced security and privacy measures for data protection.
Benchling maintains a dedicated internal security team of security engineers, compliance experts, data engineers, and privacy- and incident-response professionals. This team is tasked with maintaining the company’s defense systems, developing security review processes, building security infrastructure, and implementing Benchling’s security policies. The team — whose members are actively involved in the global security industry, and possess extensive experience in the tech, government, and healthcare industries — also provides project-specific consulting services to Benchling’s product and engineering teams.
The security team’s data engineers are actively involved in Benchling’s data modeling, acquisition, aggregation, and analysis, working to uphold confidentiality, integrity, and availability in each step of the company’s robust threat detection process.
ArsenalBio
Beam Therapeutics
bit.bio
Cue BiopharmaUpdated SOC 2 and Penetration Test Reports Available Now!
We're pleased to share several important updates regarding Benchling's security and compliance program.
2025 SOC 2 Type 2 Report Now Available
Benchling's 2025 SOC 2 Type 2 report is now available for download in the Trust Center. This year's audit expands our commitment to security with an enhanced scope that now includes:
-
Benchling AI – Benchling AI is used to automate repetitive tasks with agents that import and organize data, create dashboards, and address complex queries. Benchling AI is designed to centralize wet lab data within an open platform, enabling model development in the dry lab and providing access to advanced models for molecule optimization or allowing users to register and utilize their own models.
-
Benchling PipeBio Antibodies – PipeBio Antibodies is our platform designed to identify and optimize leads with advanced sequence analysis suited for antibodies, t-cell receptor (TCR), peptides, and other advanced biologics modalities. PipeBio Antibodies runs end-to-end bioinformatics workflows, and operates on a scalable, extensible, cloud platform.
2025 Penetration Test Reports Available
We've also completed our 2025 penetration testing program. Reports are now available for review for the following:
ISO 27001:2022 Recertification Completed
Benchling has successfully completed its ISO 27001:2022 recertification audit, including the additional controls and implementation guidance of ISO 27017:2015 and ISO 27018:2025.
Key highlights:
- Benchling PipeBio and Benchling AI are newly included in scope
- Zero non-conformities found during the audit
- Updated certificate expected by February 18, 2025
Access Your Documents
Current Trust Center subscribers can download all reports directly from the Trust Center portal.
If you have any questions or need assistance accessing these documents, please don't hesitate to reach out to our team.
Thank you for your continued trust in Benchling.
CVE-2025-55182 - Benchling Not Affected
On December 3, 2025, the React team disclosed a security advisory for CVE-2025-55182, a vulnerability in React Server that allows unauthenticated remote code execution. Benchling’s Security team has confirmed that no Benchling products or services are impacted by this vulnerability. Our platform does not use the affected React Server components. We will continue to monitor developments related to CVE-2025-55182 and will provide updates if any relevant changes arise.
New Benchling SOC 2 Type 2 Report Available for Download
Benchling's updated SOC 2 Type 2 attestation report for Benchling's R&D Cloud products including Benchling Bioresearch, Benchling Bioprocess, and Benchling In Vivo, performed by Schellman Compliance, LLC. and covering the audit period from November 1, 2023 - October 31, 2024, is now available for download in Benchling's Trust Center.
Benchling's SOC 2 Type 2 report for the period covering from May 1, 2023 to October 31, 2023 is now available to request for download from our Trust Center.
ISO 27001:2022 Certification
Benchling recently completed its annual ISO 27001 audit of the Benchling R&D Cloud products including Benchling Bioresearch, Benchling Bioprocess, and Benchling In Vivo, performed by Schellman Compliance, LLC. The audit included the transition from ISO/IEC 27001:2013 to ISO 27001:2022 and the additional controls and implementation guidance of ISO/IEC 27017:2015 and ISO/IEC 27018:2019. An updated certificate is now available for download from Benchling’s Trust Center.
Annual Security Assessment (Penetration Test) Report Published
Doyensec, LLC just completed Benchling's 2024 security assessment / penetration test. The scope of this test covers the Benchling and In-Vivo platforms. Please see summary reports in the portal for more detail.