// Trust & Security Report
LangChain, Inc.
LangGraph is LangChain's MIT-licensed, open-source agent orchestration framework (self-hosted, run-your-own-infra code). It is commercially paired with LangSmith, LangChain's hosted developer platform for observability, evaluation, and deployment; the hosted runtime for LangGraph agents (formerly branded "LangGraph Platform", renamed "LangSmith Deployment" in Oct 2025) is part of that same LangSmith product family and is where LangChain's compliance program applies.
Certifications held
3
Maturity
Growth
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.langchain.com“Compliance SOC 2 Type II GDPR HIPAA ... Audit Reports 2025 SOC 2 Type 2 LangChain Audit Report.pdf”
> Show 6 unconfirmed / not-held certifications
source: trust.langchain.comTrust center lists only 'SOC 2 Type II' under Compliance; no separate Type I attestation is referenced (Type II supersedes it).
source: trust.langchain.comNo public evidence. The trust center's Compliance section lists exactly three items (SOC 2 Type II, GDPR, HIPAA) with no ISO 27001 badge, audit report, or certificate referenced anywhere on trust.langchain.com or langchain.com.
source: trust.langchain.comNo public evidence. Not listed on trust.langchain.com's Compliance section and no mention found on langchain.com or in search results.
source: trust.langchain.comNo public evidence. Not listed on trust.langchain.com's Compliance section; a CAIQ v4.0.3 questionnaire is offered as a downloadable resource but this is a self-assessment artifact, not a CSA STAR registry listing/certification.
source: trust.langchain.comNo public evidence. Not listed under Compliance on trust.langchain.com; Stripe is named as the subprocessor handling payment processing, which is consistent with LangChain not itself being in PCI scope.
source: trust.langchain.comNo public evidence of FedRAMP authorization on trust.langchain.com or langchain.com.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
The vendor's regions FAQ documents four hosted instances: GCP US (default, smith.langchain.com), GCP EU (eu.smith.langchain.com), GCP APAC (apac.smith.langchain.com), and AWS US (aws.smith.langchain.com); a specific GCP region ID (e.g. us-central-1) is not published on the vendor domain. The trust center subprocessor list shows data-location options of USA or Netherlands (GCP, ClickHouse), USA (AWS), and US or Germany (Supabase). Enterprise customers can self-host or run BYOC on their own AWS/GCP/Azure/Kubernetes so data stays in their environment.
LangSmith's own product page states verbatim: "We will not train on your data, and you own all rights to your data." This commitment is specific to LangSmith (and its LangGraph deployment runtime); it does not apply to third-party model providers a customer chooses to route through their agent (e.g. OpenAI, Anthropic, Fireworks, Baseten are listed as inference subprocessors for LangSmith's own AI-powered features like the LangSmith Engine, opt-in for enterprise). LangGraph the open-source library itself sends no data anywhere unless the developer wires it to LangSmith or a model provider.
// Security controls
SOC 2 Type II audit
Independently audited; 2025 SOC 2 Type II report available to customers via trust center (NDA/access request required).
trust.langchain.comPenetration testing
Regular third-party pentests; 2026 LangSmith Pentest Executive Summary published in the trust center Assessments section.
trust.langchain.comData encryption
Data encryption utilized in transit and at rest per trust center Product Security controls.
trust.langchain.comAccess control
Unique production database and account authentication enforced; documented Access Control Policy.
trust.langchain.comIncident transparency
Publishes detailed public postmortems for third-party incidents that could have touched LangSmith (Vercel account-compromise incident, Apr 2026; Axios npm supply-chain compromise, Mar 2026; TeamPCP API-key exposure campaign, Mar 2026). In all three, LangChain states no LangSmith customer data was accessed and details the verification steps taken.
trust.langchain.comBusiness continuity / DR
Continuity and Disaster Recovery plans established and tested annually; cybersecurity insurance maintained (per trust center Internal Security Procedures controls).
trust.langchain.comSelf-hosting / BYOC
Enterprise plan supports bring-your-own-cloud and fully self-hosted deployment on customer Kubernetes (AWS/GCP/Azure), keeping data in the customer's own environment.
langchain.com// Products & data scope
data: None held by LangChain; MIT-licensed code runs entirely in the developer's own environment. No compliance certification applies because there is no hosted service or customer data flow unless separately wired to LangSmith or a model API.
Free, open source, no vendor-side data handling by itself.
data: Agent state, checkpoints, traces, and runtime metadata for deployed agents.
Achieved SOC 2 Type II alongside LangSmith per LangChain's 2025 announcement; covered by the same trust.langchain.com compliance program as LangSmith.
data: Traces, datasets, API keys, org metadata, employee/customer PII per trust center data-collected disclosure; optional PHI depending on customer use case (HIPAA/BAA available).
Primary product covered by the SOC 2 Type II / GDPR / HIPAA claims on trust.langchain.com; hosted default in GCP US, with GCP EU, GCP APAC, and AWS US regional instances plus BYOC/self-hosted options available.
// What to watch
- Product/identity scoping risk: the SOC 2 Type II / GDPR / HIPAA claims documented at trust.langchain.com are for the commercial LangSmith platform and its LangGraph deployment runtime (LangSmith Deployment, formerly 'LangGraph Platform') -- NOT for the standalone open-source LangGraph library, which has no hosted infrastructure of its own. AIFOXX should not present 'LangGraph' as unconditionally SOC2/HIPAA-certified without this caveat, since a developer self-hosting LangGraph without LangSmith gets none of this vendor compliance coverage.
- No public evidence of ISO 27001, ISO/IEC 42001 (AI management systems), or CSA STAR -- notable gaps for an AI agent-infrastructure vendor, though not unusual for this market segment.
- HIPAA BAA availability is reported as an Enterprise-tier feature by secondary sources (search summaries); could not locate a literal vendor-domain quote confirming the exact tier gating, only the trust center's flat 'HIPAA' compliance badge. Recommend re-verifying the BAA tier restriction directly with LangChain before quoting it to a regulated-industry buyer.
- Trust center discloses three publicly-acknowledged security events in a ~3 month window (Mar-Apr 2026: TeamPCP API-key exposure campaign, Axios npm supply-chain compromise, Vercel account-compromise incident). LangChain states none resulted in confirmed LangSmith customer-data compromise, and the transparency/detail of the disclosures is a positive signal, but the frequency is worth surfacing to prospective enterprise buyers.
// At a glance
Pricing model
LangGraph itself is free and open source (MIT license). LangSmith/LangSmith Deployment is usage-based commercial SaaS with self-serve (Stripe-billed) and Enterprise contract tiers; Enterprise unlocks BYOC/self-hosting, SSO/SCIM, and BAA.
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on LangChain, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.langchain.com