SOC 2 is the de facto trust report for B2B SaaS in North America. Type I attests that controls exist on a date; Type II attests they operated effectively over 6-12 months. Enterprise procurement above ~$50K ACV almost always requires a SOC 2 Type II report.
SOC 2
An attestation report that a SaaS vendor has controls over Security, Availability, Confidentiality, Processing Integrity, and Privacy.