Postman Trust Center

More than 20 million developers and 500,000 organizations world-wide trust Postman as an API platform. We've created comprehensive practices and policies to earn and keep your trust.

Postman Astronaut Mascot. Illustration.

Trust your APIs

The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency about our practices and policies in place to ensure a secure corporate environment.

Security

Security is a priority in every stage of our product development, enabling us to layer protections early and often.

Compliance

Postman complies with global industry standards on data security and privacy, including the European Union's General Data Protection Regulation and the California Consumer Privacy Act.

Privacy

We respect your privacy preferences and give you control over your data. We also have privacy controls to limit personal data collection, and such activities comply with global regulatory requirements.

Reliability

You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can confidently use Postman.

Compliance certifications and regulations

We comply with industry-standard certifications and regulations to ensure the security of our company and customer data.

More about compliance at Postman →

General Data Protection Regulation (EU GDPR)

System & Organization Controls (SOC 2 & SOC 3)

Payment Card Industry Data Security Standard (PCI DSS)

CSA STAR Level One

Security Portal

Access Postman’s security and compliance documents on our Security Portal, such as penetration testing and audit reports.

Visit Security Portal
Postman holding laptop and lock. Illustration.

Postman shared responsibility model

Postman maintains security and regulatory compliance standards. We ensure our products and services are safe and secure to use. However, you also serve a role in securing your data and following safe practices with the information you store within Postman.

Please access the shared responsibility model guide to learn what we expect our users to know during product usage. Also, read our privacy policy that describes how Postman collects, uses, and shares your data.

Postman holding large key to open lock. Illustration.

Reach out to Postman Security

Our security team ensures the security of data stored with Postman and helps you keep your APIs secure by providing security-aware features, workshops, and content.

If you find a vulnerability in our service or website or want additional information about our security policies, you can contact us at security@postman.com. You can use our PGP public key to encrypt your communications with us.

If you are reporting security vulnerabilities or if you are a security researcher, review our security reporting guidelines and policy.

Access Resources

We want to answer your questions and inform your security decisions about our product.

Blog Post

Postman's New SOC 2 Type 2 Report: How (and Why) We Did It.

Read blog →

Blog Post

Introducing the Secret Variable Type in Postman.

Read blog →

Leveraging Postman Security Features

Security capabilities for control and insight into your Postman team and data.

View document →

500,000 companies use Postman

Many of the world's top organizations, including 98% of the Fortune 500, are using the Postman API Platform today.

Buy NowContact Sales