Postman Trust Center
More than 20 million developers and 500,000 organizations world-wide trust Postman as an API platform. We've created comprehensive practices and policies to earn and keep your trust.
Trust your APIs
The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency about our practices and policies in place to ensure a secure corporate environment.
Security
Security is a priority in every stage of our product development, enabling us to layer protections early and often.
Compliance
Postman complies with global industry standards on data security and privacy, including the European Union's General Data Protection Regulation and the California Consumer Privacy Act.
Privacy
We respect your privacy preferences and give you control over your data. We also have privacy controls to limit personal data collection, and such activities comply with global regulatory requirements.
Reliability
You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can confidently use Postman.
Compliance certifications and regulations
We comply with industry-standard certifications and regulations to ensure the security of our company and customer data.
General Data Protection Regulation (EU GDPR)
System & Organization Controls (SOC 2 & SOC 3)
Payment Card Industry Data Security Standard (PCI DSS)
CSA STAR Level One
Security Portal
Access Postman’s security and compliance documents on our Security Portal, such as penetration testing and audit reports.
Postman shared responsibility model
Postman maintains security and regulatory compliance standards. We ensure our products and services are safe and secure to use. However, you also serve a role in securing your data and following safe practices with the information you store within Postman.
Please access the shared responsibility model guide to learn what we expect our users to know during product usage. Also, read our privacy policy that describes how Postman collects, uses, and shares your data.
Reach out to Postman Security
Our security team ensures the security of data stored with Postman and helps you keep your APIs secure by providing security-aware features, workshops, and content.
If you find a vulnerability in our service or website or want additional information about our security policies, you can contact us at security@postman.com. You can use our PGP public key to encrypt your communications with us.
If you are reporting security vulnerabilities or if you are a security researcher, review our security reporting guidelines and policy.
Access Resources
We want to answer your questions and inform your security decisions about our product.
500,000 companies use Postman
Many of the world's top organizations, including 98% of the Fortune 500, are using the Postman API Platform today.