Postman Trust Center
See why 35 million developers and 500,000 organizations—including 98% of the Fortune 500—trust the Postman platform to design, build, and scale APIs securely.
Sustaining a partnership of trust
The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency around our practices, standards, and policies in place to secure our corporate environment.
Security
We embed security at every stage of development and offer enterprise-grade features like BYOK encryption and audit logging—so you can build on a platform that prioritizes protection from the start.
Compliance
Postman complies with global industry standards on data security and privacy, including the European Union's General Data Protection Regulation and the California Consumer Privacy Act.
Privacy
We respect your privacy preferences and give you control over your data. We also have privacy controls to limit personal data collection, and such activities comply with global regulatory requirements.
Reliability
You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can confidently use Postman.
Regulatory compliance and standards
We comply with industry standards and regulations to protect our corporate and customer data.
General Data Protection Regulation (EU GDPR)
System & Organization Controls (SOC 2 & SOC 3)
Payment Card Industry Data Security Standard (PCI DSS)
CSA STAR Level One
Postman Security and Trust Portal
Access Postman's security and compliance documents on our Security and Trust Portal, such as penetration testing and audit reports.
Postman shared responsibility model
Data security is a shared responsibility between Postman and users. Please explore our guide covering the best practices you should follow to secure your data and credentials in Postman.
Contact Postman Security
Postman Security protects your data and helps secure your APIs. We provide security and governance features, workshops, and trusted information.
If you want additional information about our security policies, please contact us at security@postman.com. You can use our PGP public key to encrypt your communications with us.
To report a vulnerability, check out our reporting page on HackerOne. Security researchers should also review our security guidelines and policy for reporting security vulnerabilities through our bug bounty program.
Report potential abuse
Please contact our customer support team or security@postman.com to report potentially abusive behavior or malicious activity involving Postman accounts or resources.
500,000 companies use Postman
Many of the world's top organizations, including 98% of the Fortune 500, are using the Postman API Platform today.
June 3 & 4, 2025 in Los Angeles, CA
Step into the future of APIs and AI at POST/CON 25. Join developers, architects, and tech leaders to build smarter, faster, and more secure APIs in the age of generative AI.
