Security at Nhost
Engineering teams of all sizes trust Nhost to build and deploy secure applications.
SOC 2 Type II (coming soon)
Nhost is working towards SOC 2 Type II compliance, a comprehensive audit that verifies our security controls and data handling practices meet industry standards. Once certified, Team & Enterprise customers will have access to our SOC 2 report directly through the dashboard.
HIPAA (coming soon)
Nhost is working towards HIPAA compliance. Team & Enterprise customers will be able to store Protected Health Information (PHI) on our hosted platform once we complete the audit.
AWS Cloud Infrastructure
Nhost is hosted on AWS, a leading cloud provider with a strong track record of security and reliability.
Encryption at Rest
All data is encrypted at rest with AES-256. This includes databases, storage files, and run services volumes.
Encryption in Transit
All data is encrypted in transit with TLS.
Payments Processing
Nhost uses Stripe to process payments and does not store any billing information from our customers.
Backups
All paid databases are backed up daily and stored in a secure location.
Dependency Scanning
We perform regular dependency scans to ensure our platform is secure.
Logging and Monitoring
We actively monitor and log all activity on the platform to ensure security and detect anomalies.
Incident Response
We have a documented incident response plan in place to ensure we can respond to security incidents quickly and effectively.
Found a Security Vulnerability?
We take security seriously. If you have discovered a security vulnerability, please report it to our security team.
Report Vulnerability