Navattic’s security posture is audited annually by external auditors. We are SOC II Type 2 compliant with zero exceptions reported.
Yearly penetration-testing audits conducted by a third-party. See below for information about obtaining a report.
Hosted and served on cloud providers like Cloudflare and AWS that have the highest standards for security requirements.
Frequently asked questions
- Is Navattic SOC II compliant?
- Yes, Navattic achieved SOC II Type 2 compliance with zero exceptions. To access the report, please send an email firstname.lastname@example.org
- Where can I find the list of data subprocessors?
- For more information on other companies that process data, see our List of Subprocessors.
- Do you have a pen test report available to share?
- Yes, Navattic completes third party penetration tests annually. To request access to our latest pen test report, send an email to email@example.com.
- How is data encrypted?
- Our platform uses encryption at rest (AES-256) and in transit (HTTPS/TLS).