Postman Trust Center

More than 20 million developers and 500,000 organizations world-wide trust Postman as an API platform. We've created comprehensive practices and policies to earn and keep your trust.

Postman Astronaut Mascot. Illustration.

Trust your APIs

The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency about our practices and policies in place to ensure a secure corporate environment.

Security

Your data security is important to us. We maintain a security-first culture across our organization and keep security at the core of everything we do.

Compliance

We believe in a strong security foundation based on industry standards, compliance, and regulations. Postman adheres to GDPR, CCPA, and other privacy and security regulations to meet your compliance needs.

Privacy

We know how important your data and privacy are to you. At Postman, we have implemented policies and programs to appropriately and securely manage these areas to ensure your peace of mind.

Reliability

You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can use Postman with complete confidence.

Compliance certifications and regulations

We comply with industry-standard certifications and regulations to ensure the security of our company and customer data.

More about compliance at Postman →

General Data Protection Regulation (EU GDPR)

System & Organization Controls (SOC 2 & SOC 3)

Payment Card Industry Data Security Standard (PCI DSS)

CSA STAR Level One

Security Portal

Access Postman’s security and compliance documents on our Security Portal, such as penetration testing and audit reports.

Visit Security Portal
Postman holding laptop and lock. Illustration.

Postman shared responsibility model

While we continuously focus on doing our part to maintain high standards for security and complying with regulations, you also have a role to play in helping to ensure the security of your data. It's our responsibility to ensure that Postman products and services are safe and secure to use, and it's your responsibility to follow safe practices with the data you store within Postman.

To learn more about the things we expect our users to be aware of during regular product usage, please read the shared responsibility model guide.

For details on what information we collect from you and how we use, share, and store that information, consult our privacy policy.

Postman holding large key to open lock. Illustration.

Reach out to Postman Security

Our security team ensures the security of data stored with Postman and helps you keep your APIs secure by providing security-aware features, workshops, and content.

If you find a vulnerability in our service or website or want additional information about our security policies, you can contact us at security@postman.com. You can use our PGP public key to encrypt your communications with us.

If you are reporting security vulnerabilities or if you are a security researcher, review our security reporting guidelines and policy.

Additional resources

Blog Post

Postman's New SOC 2 Type 2 Report: How (and Why) We Did It.

Read blog →

Blog Post

Introducing the Secret Variable Type in Postman.

Read blog →

Leveraging Postman Security Features

Security capabilities for control and insight into your Postman team and data.

View document →

500,000 companies use Postman

Many of the world's top organizations, including 98% of the Fortune 500, are using the Postman API Platform today.

Buy NowContact Sales