CodSpeed Docs home page
Search...
⌘K
Ask AI
Support
Dashboard
Dashboard
Search...
Navigation
Security
Documentation
Guides
API References
Blog
Community
p99.chat
Get Started
Quickstart
What is CodSpeed?
Creating Benchmarks
Python
Rust
C++
Node.js
Instruments
CPU
Walltime
Databases
Integrations
Repository Providers
CI Providers
Explore Features
Performance Checks
Impact Metrics
Sharded Benchmarks
Roles & Permissions
Customization
Ignoring a Benchmark
Security
On this page
Compliance
What we’re already doing
Security
Copy page
Compliance
We’re in the process of getting our SOC 2 Type II certification, the observation period should be completed by the end of October 2025.
If you need more information, please contact us at
support@codspeed.io
.
What we’re already doing
While our SOC 2 Type II audit is in progress, we already follow security best practices to keep your data safe:
All data is encrypted
at rest and in transit using industry-standard protocols
Encrypted backups
with restricted access and automated rotation
Minimal data collection
: we only store what’s strictly necessary to generate reports
CI-only data processing
: we don’t store source code nor large benchmark inputs
Mandatory 2FA for all CodSpeed team members
Least privilege access
across services and cloud resources
Role-based access control (RBAC)
for teams and organizations
Scoped API tokens
with fine-grained access controls
Audit logs
for key actions and permission changes
Infrastructure as code
with peer-reviewed changes via pull requests
Dependency and container scanning
built into our CI
Was this page helpful?
Yes
No
Ignoring a Benchmark
Assistant
Responses are generated using AI and may contain mistakes.