Security, privacy & transparency

Your data is valuable to you and safe with us.

Contact our security team
A cute polar bear with sunglasses
An arrow

Data security & privacy are in our DNA

We take security and privacy seriously here at Bearer. Our values reflect on our product, on who we work with, and on how we operate. That is by design, to protect your organization, and we are proud of it.

A lock

Controlled access

Bearer never clones repositories nor store source code ever. Bearer processes metadata only.

Shield

Encrypted data

Bearer does not store user authentication data. All data is encrypted when in transit and at rest.

A cloud

Cloud-based

Bearer infrastructure runs on Amazon Web Services. We run inside a private network, with strict access.

desktop computer emoji

Holistic security

All auth, data access, & infra providers are secure. All providers are SOC, ISO or PCI compliant.

Engineered to keep your data safe

Bearer data security diagram

Control data requests

Bearer integrates with your Source Code Management (SCM) software or your CI/CD pipeline (see the documentation for more details) and perform Static Code Analysis (SCA) on your code repositories to discover and classify data, and detect security risks.

In order to keep your sensitive data inside your private network and limit the files Bearer can access, and the actions that Bearer can perform, we use a Broker. The Bearer Broker acts as a proxy between Bearer and your code repositories. 

The Broker maintains an approved data list for inbound and outbound data requests. 

Only requests included in this approved list are allowed. By default, only metadata is sent to our infrastructure for processing and storing. You always have complete control over which data you are sending to Bearer.

A schema of Bearer infrastructure.

Security & privacy by design

Control

Your data, your choice

Controlled access to data
Opt-out and data removal
SECURITY

Secure at every step

Secure access
Encryption in transit and at rest
Solid infrastructure
Network-level security monitoring and protection
Vulnerabilities
Secure development
Privacy

Designed for your privacy

Your privacy at a glance
RELIABILITY

Build with care

Safe changes
Traceability
Reliability
TRUST

Trustworthy people & partners

Leadership
Team
Permissions
Secure access
Trusted third-party providers
Trusted payment processor
Assessed vendors