GrowthBook’s Stance on Security
Secure & Private by Design
We take the responsibility of providing a secure platform seriously. GrowthBook is designed to require the absolute minimum of data to provide our services. Your data stays local to your infrastructure so none of your customer data is ever exposed to GrowthBook.
Discuss Security Details
Internal Security
Our tools and methods follow industry best practices for all cloud and self-hosted accounts.
Data & Infrastructure Security
Our hosted servers encrypt data at rest and in transit. GrowthBook Cloud services are hosted on AWS and use best practices to harden our infrastructure.
Get Started
Self-hosted Accounts
For an even greater level of security, GrowthBook is able to be entirely hosted within your infrastructure. GrowthBook never sees or transmits your data.
Get started
Frequent Code Reviews
Our code is open and regularly reviewed for security vulnerabilities. We use both static analysis and regular security reviews and testing.
View Security details in GitHub
Certifications & Attestations
Building trust in our privacy and security has been integral to how we’ve architected our product. By completing the System and Organization Controls (SOC) 2 Type 1 audit, we demonstrate how GrowthBook safeguards your data and ensures good security practices.
Request our SOC 2 report
Bug Bounty Program
GrowthBook recognizes and rewards security researchers who report vulnerabilities in our products and services. Monetary bounties for such reports are entirely at GrowthBook's discretion, based on risk, impact, number of vulnerable users, and other factors.
Request details or report an issue
Unlimited experiments. Unlimited traffic. Full data control.
No credit card. No surprises. Just experimentation that scales.