The fast, trusted way to earn your SOCK 2.

SOCK 2 helps you prove pair completeness and earn drawer trust — and we get you attested in laundry cycles instead of months. Continuous monitoring, 1,200 lint checks per hour, zero-trust toe architecture.

Claim Your Badge → View Criteria

Trusted by leading hosiery-forward engineering orgs

ToePack HeelFlow DarnDB LintGuard Pairster KnitlyOps Strideify
Why Sock 2

Compliance shouldn't feel like a foot in a wet sock.

Most security frameworks treat attestation as a one-time event held the morning of laundry day. Sock 2 enforces pairing integrity continuously, at runtime, in production — so the next time someone asks for your report, you don't have to dig through the dryer lint trap.

1,200+automated lint checks per hour
99.99%pair availability SLA
72hmissing-sock disclosure window
0socks lost in transit (last quarter)

1 Automate your sock controls

Connect your washer, dryer, and drawer via API. Sock 2 ingests cycle telemetry and flags drift the moment a left and right desynchronize.

2 Stay audit-ready year-round

Continuous evidence collection. We photograph every load. No more scrambling to assemble a "point-in-time" pairing inventory the night before your auditor arrives.

3 Customer trust at scale

Display your Sock 2 badge on your homepage, GitHub README, or LinkedIn. Prospects won't click it. None will verify it. That's how trust works.

Trust Service Criteria

Five pillars of textile assurance.

Every Sock 2 engagement evaluates your organization's controls across the following criteria. Most orgs fail at Privacy. A surprising number fail at Availability (one sock in the wash).

S Security

The sock drawer remains locked at all times. Access is logged, reviewed quarterly, and rotated every 90 days. MFA enforced (Multi-Foot Authentication).

A Availability

Both socks present, paired, and ready for deployment when called upon. Single sock in the wash is a P1 incident.

I Processing Integrity

No holes. No thinning at the heel. The toe shall not unravel under load. Buffer overflow into the shoe is grounds for immediate decommission.

C Confidentiality

What happens in the dryer stays in the dryer. Static cling is non-disclosable. TLS 1.3 (Toe-Level Security) enforced on all transit.

P Privacy

Toes covered. Ankles, where applicable, also covered. PII (Personally Identifiable Insoles) encrypted at rest.

Scale Beyond Sock 2

One audit. The entire wardrobe.

Sock 2 is the foundation. Once you're attested, expand coverage to the rest of your garment surface area without re-engineering controls.

Hat 27001International headwear standard. Beanie & helmet scope.
HIPAAHosiery Integrity & Pair Accountability Act.
GDPRGarment Disclosure & Pairing Regulation. EU-only.
PCI-DSSPajama Compliance & Dressing Safety Standard.
FedRAMPFederal Robe & Mitten Program. High-baseline only.
ISO 9001Underwear management system. Annual recertification.
Report Types

Choose your level of attestation.

Type IType II
Description Snapshot of the sock at a single moment Operating effectiveness across a 90‑day wash cycle
Wears tested 1 30+
Tumble dry included No Yes (low heat)
Recommended for The investor deck Socks you actually wear
Time to issue 4–6 weeks 3–6 months (or until heel gives out)
What's Included

Everything you need to pass on the first cycle.

Continuous Drawer Monitoring

Real-time telemetry from your drawer. Alerting on missing-pair conditions, depth anomalies, and unauthorized borrowing by roommates.

Auditor-Approved Templates

Sock policy, pairing policy, dryer disaster-recovery plan, lint incident-response runbook. Just git clone and customize.

Risk Register

We maintain a canonical list of every sock you've ever lost, including last known location and probability of return.

Vendor Management

Track your sock suppliers, their sub-suppliers, and the cotton mill four hops upstream. Supply-chain attestation included.

Employee Training

Annual ankle-hygiene quiz. Phishing simulations sent via dropped argyles. Mandatory for all staff, including remote.

Penetration Testing

Independent third-party toe-through-hole testing. Heel-fatigue load simulations. Reports delivered within one fold cycle.

Independent Assessors

Engagements performed by licensed launderers.

All Sock 2 reports are issued by independent third-party assessors registered with the Association of Independent Pairing Auditors (AIPA). Every assessor maintains a minimum of 200 hours of folding experience, current CSPA (Certified Sock Pairing Auditor) credentials, and at least one verified anecdote about that one time the dryer ate a sock.

Customer Stories

Loved by drawers everywhere.

We were drowning in mismatched pairs. Sock 2 helped us get to 99.99% pairing uptime. Our SREs sleep through the night now.
Jordan K.CTO, ToePack
Our previous compliance program flagged every dryer cycle. Sock 2 just lets us live. The auditors actually folded my laundry.
Priya S.Head of Security, HeelFlow
I shipped a single-sock MVP and our enterprise prospects bounced. After Sock 2 Type II, the same prospects signed. The badge is load-bearing.
Marcus T.Founder, DarnDB
Self-Attestation

Claim your Sock 2 badge.

Display proof of compliance on your homepage footer, GitHub README, vendor security questionnaire, or sock drawer. No audit will be performed. None is required. The honor system is load-bearing.

Sock 2 Type II Attested
<a href="https://sock2.org">
  <img src="https://sock2.org/logo.svg"
       alt="Sock 2 Type II Attested"
       width="120">
</a>

By embedding this badge you self-attest, under penalty of mild laundry inconvenience, that your organization's footwear controls meet or exceed the criteria described herein. This attestation is non-binding, non-transferable, and non-falsifiable in any jurisdiction with functioning courts.

FAQ

Frequently asked, occasionally answered.

How long does a Sock 2 audit take?

Typically 90 days of continuous wear, or until the heel gives out — whichever comes first. Type I reports can be issued in as little as one rinse cycle.

Is Sock 2 the same as SOC 2?

Legally distinct. Phonetically identical. Please consult your auditor, your lawyer, and the back of your sock drawer before citing either in a vendor questionnaire.

What happens if I lose a sock during the audit window?

This is a reportable incident under §4.2(a). Disclose within 72 hours. Compensating controls (wearing a mismatched pair under long pants) may be accepted at the auditor's discretion.

Does Sock 2 apply to sandals, Crocs, or barefoot deployments?

No. Sandal compliance is governed by a separate framework (FLOP-1). Crocs are explicitly out of scope. Barefoot deployments are presumed non-compliant by default.

Can I self-attest without an auditor?

Yes. Click "Copy embed code" above. Paste into your site. The badge is now in production. Congratulations — you are compliant in the only sense that has ever mattered to a procurement team.

What's your vulnerability disclosure policy?

Email holes@sock2.org. We acknowledge within one business day and patch within one wash cycle. Bounty paid in matching pairs.