CodSpeed Docs home page
Search...
⌘K
Ask AI
Support
Dashboard
Dashboard
Search...
Navigation
Security
Documentation
Guides
API References
Blog
Community
p99.chat
Get Started
Quickstart
What is CodSpeed?
Creating Benchmarks
Instruments
Overview
CPU
Walltime
Profiling
Databases
Integrations
Repository Providers
CI Environments
Explore Features
Performance Checks
Impact Metrics
Sharded Benchmarks
Roles & Permissions
Customization
Ignoring a Benchmark
Security
On this page
Compliance
What we’re already doing
Security
Copy page
Copy page
Compliance
We’re in the process of getting our SOC 2 Type II certification, the observation period should be completed by the end of October 2025.
If you need more information, please contact us at
support@codspeed.io
.
What we’re already doing
While our SOC 2 Type II audit is in progress, we already follow security best practices to keep your data safe:
All data is encrypted
at rest and in transit using industry-standard protocols
Encrypted backups
with restricted access and automated rotation
Minimal data collection
: we only store what’s strictly necessary to generate reports
CI-only data processing
: we don’t store source code nor large benchmark inputs
Mandatory 2FA for all CodSpeed team members
Least privilege access
across services and cloud resources
Role-based access control (RBAC)
for teams and organizations
Scoped API tokens
with fine-grained access controls
Audit logs
for key actions and permission changes
Infrastructure as code
with peer-reviewed changes via pull requests
Dependency and container scanning
built into our CI
Was this page helpful?
Yes
No
Ignoring a Benchmark
Assistant
Responses are generated using AI and may contain mistakes.