Security at DeepSource

We follow a comprehensive set of practices and policies to make sure our systems, thus our users' data, is secure.

Privacy Dynamics

Sandboxed analysis environments

All our repository operations and analysis runs are executed in a secure sandbox. Each sandbox is restricted to access data only within its scope.

Source code security

We use OAuth tokens as our authentication mechanism to access source code from the supported source code hosting providers.

Data center security

Data loss prevention

All data we process and store are backed up frequently to multiple regions.

Safe communication

All data exchanged with DeepSource is transmitted over TLS.


We have your data security needs covered.


DeepSource is SOC 2 Type II compliant. SOC 2 ensures that we follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of user data.


DeepSource is compliant with the General Data Protection Regulation (GDPR). To learn more about how we collect, keep, and process your private information in compliance with GDPR, please view our privacy policy.

Responsible disclosure

Data security is a top priority for DeepSource, and we believe that working with skilled security researchers can identify weaknesses in any technology.


DeepSource is always open to feedback, questions, and suggestions. If you would like to talk with us, please email at [email protected].

Shift left, enterprise-grade.

Start building with the fastest static analysis tool for your workflow and prevent bugs before they end up in production.

  • Deploy on-premise to have absolute control of your data
  • Onboard thousands of repositories in minutes, not months
  • Save ~3.8 hours on average per developer every week