Security at Nhost

Engineering teams of all sizes trust Nhost to build and deploy secure applications.

SOC 2 Type II Compliant

Nhost is SOC 2 Type II compliant. This comprehensive audit verifies our security controls and data handling practices meet industry standards. Team & Enterprise customers have access to our SOC 2 report directly through the Nhost Dashboard.

HIPAA (coming soon)

Nhost is working towards HIPAA compliance. Team & Enterprise customers will be able to store Protected Health Information (PHI) on our hosted platform once we complete the audit.

AWS Cloud Infrastructure

Nhost is hosted on AWS, a leading cloud provider with a strong track record of security and reliability.

Encryption at Rest

All data is encrypted at rest with AES-256. This includes databases, storage files, and run services volumes.

Encryption in Transit

All data is encrypted in transit with TLS.

Payments Processing

Nhost uses Stripe to process payments and does not store any billing information from our customers.

Backups

All paid databases are backed up daily and stored in a secure location.

Dependency Scanning

We perform regular dependency scans to ensure our platform is secure.

Logging and Monitoring

We actively monitor and log all activity on the platform to ensure security and detect anomalies.

Incident Response

We have a documented incident response plan in place to ensure we can respond to security incidents quickly and effectively.

Found a Security Vulnerability?

We take security seriously. If you have discovered a security vulnerability, please report it to our security team.

Report Vulnerability