Privacy & Security

CodeSee takes security seriously. You can develop with confidence knowing that CodeSee is SOC 2 Type II certified, follows industry best practices, and has robust controls and processes in place to secure your data. And though we analyze your code, we do so within your environment, and we do not store your code.

Feel free to read more about the exact permissions that we use here.

Code files connecting to dependencies within a folder in a Map.

SOC 2 Type II certified.

CodeSee is built with security firmly in mind. We don't store your code on our servers and we are also SOC 2 Type II certified, giving you peace of mind that your code is protected.

Need to pass security review to install CodeSee?
Get our SOC 2 report instantly or request our data flow diagram:

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Application Security

CodeSee is built to be robust, reliable and secure.

All code is developed to be secure, performant, and maintainable. We use modern tools and frameworks to limit exposure to OWASP Top 10 security risks. We limit access to production servers, and conduct manual code review and automated testing.

We use CloudFlare’s enterprise-grade Web Application Firewall to protect against attacks. We invest in automated monitoring and anomaly detection, and keep audit logs of events to help identify, investigate, and recover from unauthorized activity.

Customer data is encrypted at rest and in transit using 256-bit or higher encryption. Auth tokens are further encrypted before being stored. Encryption keys are managed by AWS. User credentials are salted and hashed.

A third-party provider performs annual penetration tests to discover any vulnerabilities in our application. Contact us for our latest test report.

Network Security

Our cloud network provides a world-class standard of security.

All of our data is stored securely with cloud service provider AWS. Those data centers are SOC2 and ISO 27001 certified.

Through AWS, we run daily backups of our database. We are able to restore our production database to any backup within the last 7 days.

Organizational Security

Our organization maintains strict protocols to keep us all safe.

All employees who have access to customer data are required to undergo background checks, in accordance with local laws.

All employees and contractors are required to sign confidentiality agreements prior to their start date.

We conduct company-wide information security awareness training annually and regularly reinforce security protocols through internal communication channels.

We use the principle of least privilege to define data access. Access is reviewed when employees change roles, and is immediately terminated when employees leave the company.

All devices that connect to our platform or to any cloud services storing our data use fully-encrypted hardware and up-to-date firewalls.

Frequently asked questions

Have questions about security? We've done our best to anticipate your questions below. Our friendly sales team is happy to talk to you anytime, just book a time to chat or chat with a real human instantly.

Does CodeSee have any security certifications?