Security at DeepSource

We follow a comprehensive set of practices and policies to make sure our systems, thus our users' data, is secure.

World's best engineering teams use DeepSource
Intel
Mastodon
NASA
Ethereum
Grid.AI
Supplyframe
HeyCar
Fly.io
RudderStack
Okteto

Sandboxed analysis environments

All our repository operations and analysis runs are executed in a secure sandbox. Each sandbox is restricted to access data only within its scope.

Source code security

We use OAuth tokens as our authentication mechanism to access source code from the supported source code hosting providers.

Data center security

Safe communication

All data exchanged with DeepSource is transmitted over TLS.

Data loss prevention

All data we process and store are backed up frequently to multiple regions.

Compliance

We have your data security needs covered.

SOC ll Type 2

DeepSource is undergoing procedures for SOC II Type 2 compliance. SOC II ensures that we follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of user data.

in progress
GDPR

DeepSource is compliant with the General Data Protection Regulation (GDPR). To learn more about how we collect, keep, and process your private information in compliance with GDPR, please view our privacy policy.

Responsible disclosure

Data security is a top priority for DeepSource, and we believe that working with skilled security researchers can identify weaknesses in any technology.

Exclusions

DeepSource is always open to feedback, questions, and suggestions. If you would like to talk with us, please email at security@deepsource.io.

Shift Left, Enterprise-Grade

Start building with the fastest static analysis tool for your workflow and prevent bugs before they end up in production.

  • Deploy on-premise to have absolute control of your data
  • Onboard thousands of repositories in minutes, not months
  • Save ~3.8 hours on average per developer every week