security authentication fusionauth

Security

We take security seriously. This page provides information about our security practices and contacting our team if you have questions or security reports.

security authentication fusionauth

FusionAuth is SOC 2 Type 2 Compliant

We are proud to announce that as of April 7, 2022 we are SOC 2 Type 2 compliant.

hipaa  baa icon

HIPAA BAA

We are happy to sign BAA for companies that wish to leverage FusionAuth Cloud and need to comply with healthcare industry regulations.

audits background checks secure icon

Audits, Background Checks & Training

We perform regular security audits at every level of our organization from employees to our servers. We also review all changes to our source code for security issues.

We run complete background checks on all employees and contractors. This process is repeated each year.

All of our employees and contractors go through security training each year. We currently use ESET's security awareness training as part of this process.

General Data Protection Regulation (GDPR)

FusionAuth can be deployed on any server, anywhere in the world. This makes it simple for companies to ensure FusionAuth complies with GDPR.

general data protection regulation gdpr logo

Found a bug?

If you've discovered a bug in our website, our account systems, or the FusionAuth application itself, review all of the information below to learn about our responsible disclosure process and guidelines. Once you've read through everything, please submit your report to security@fusionauth.io

Responsible Disclosure Program

Discovering Security Vulnerabilities

Reporting a Vulnerability

FusionAuth is Complete Auth for Any App

FusionAuth is a complete solution with no sacrifices. We got this. Go build something awesome.