Security, Compliance &
Transparency

We treat your code, data, and infrastructure with the highest standard of care. This trust center provides complete visibility into how we secure your environment.

SOC 2 Type II Certified
ISO 27001 Compliant
GDPR & CCPA Ready
99.99% Uptime SLA

Certifications & Compliance

We undergo rigorous third-party audits to ensure our platform meets global security and privacy standards.

🛡️

SOC 2 Type II

✓ Certified

Annual audits by independent firms validating security, availability, and confidentiality controls.

🔐

ISO 27001:2022

✓ Certified

Internationally recognized standard for information security management systems (ISMS).

🌍

GDPR & CCPA

✓ Compliant

Full data privacy alignment with EU and California regulations, including DPA and data subject rights.

🏥

HIPAA Ready

\n ✓ Available

Custom BAA available for healthcare customers requiring protected health information handling.

Request Audit Reports (Customers)

Infrastructure & Reliability

Built for scale, resilience, and continuous availability across global edge networks.

99.99%
Uptime SLA
300+
Edge Locations
24/7
SOC Monitoring
<1min
Incident Response

🔑 Access & Identity

  • SSO/SAML 2.0 & SCIM provisioning
  • Role-based access control (RBAC)
  • MFA enforcement & session management
  • Detailed audit logs & exportable trails

🔒 Encryption & Data Handling

  • AES-256 at rest, TLS 1.3 in transit
  • Customer-managed encryption keys (KMS)
  • Zero-knowledge architecture for secrets
  • Immutable backup snapshots & point-in-time recovery

Security Program & Transparency

We believe in open, proactive security. Our team continuously monitors, tests, and improves our platform.

🐞 Bug Bounty & VDP

We partner with HackerOne and responsibly disclose vulnerabilities. Rewards up to $50,000 for critical findings.

Submit Vulnerability

📜 Vulnerability Disclosure

Full disclosure policy with 90-day remediation window. We publish post-incident reports within 72 hours of resolution.

Read VDP Policy

📢 Security Updates

Dec 12, 2024

Key Rotation & TLS 1.3 Enforcement

Completed infrastructure-wide cryptographic key rotation and deprecated TLS 1.2 across all API endpoints.

Nov 05, 2024

SOC 2 Type II Audit Finalized

Passed independent audit with zero high-severity findings. Report available to enterprise customers.

Oct 18, 2024

Zero-Trust Architecture Upgrade

Deployed service mesh with mutual TLS and micro-segmentation for internal platform communication.

Report a Security Concern

We take all reports seriously and aim to acknowledge within 24 hours. Please include detailed steps to reproduce and any relevant logs.

📧 security@git.dev 🔑 View PGP Key 🐛 HackerOne Portal