We take security seriously here.
We are SOC 2 Type II compliant; if you have any questions, please email support@height.app.
Every web request is made through HTTPs (Let's Encrypt certificate).
Your data is encrypted at rest and in transit.
We use state-of-the-art intrusion detection with Google Cloud IDS.
Our servers run on Google Cloud Kubernetes, which auto-updates our clusters to avoid security flaws.
Our database runs on Google Cloud SQL, which auto-updates its database to avoid security flaws.
Our whole login/sign up flow is end-to-end automatically tested.
We upgrade our libraries (like our ORM) to their latest often.
We have set strict rules in place from day one to prevent any leakage of any workspace data from one workspace to another.
If you have any additional questions or concerns about security, please don't hesitate to send us a note at support@height.app. Height does not currently have a bug bounty program.