We’ve always taken security seriously.

Now, with over 200,000 companies and 6 million developers using Postman worldwide, we wanted to make it easier for both small and large companies to understand exactly how seriously we take security. So, we went ahead and got SOC 2 certified!

Just to give a quick overview, Service Organization and Controls (SOC) are assurance reports which provide an industry-wide acknowledgment that a company adheres to trust service principles. These principles, set by the American Institute of Certified Public Accountants (AICPA), are security, availability, processing integrity, confidentiality, and privacy. There are multiple types of SOC reports, and SOC 2 is the standard security compliance for SaaS companies, like Postman. These reports provide valuable information for enterprises and customers to assess the quality of security provided by a service like Postman.  

After considerable time and effort, we are excited to announce that Postman has successfully completed the Service Organization Controls (SOC) 2 Type 1 audit with no exceptions!

This is an essential step in our mission to ensure security and governance – and we won’t stop here. While the SOC 2 Type 1 report is an important milestone, we already have our eye on a Type 2 report, which will further validate the strength of our controls over time.  We hope these reports convey our effectiveness at safeguarding the data of our current and future customers.

The Postman  SOC 2 Type 1 report is available under NDA upon request.