{"id":11141,"date":"2026-05-11T13:22:51","date_gmt":"2026-05-11T13:22:51","guid":{"rendered":"https:\/\/help.gitkraken.com\/uncategorized\/gk-dev-security\/"},"modified":"2026-05-11T13:22:51","modified_gmt":"2026-05-11T13:22:51","slug":"gk-dev-security","status":"publish","type":"post","link":"https:\/\/help.gitkraken.com\/gk-dev\/gk-dev-security\/","title":{"rendered":"Security Information for GitKraken.dev"},"content":{"rendered":"<p><kbd>Last updated: March 2026<\/kbd><\/p>\n<p>GitKraken.dev encrypts all data in transit (TLS) and at rest (AES-256). This page describes what data GitKraken.dev collects, where it is stored, and how it is secured for each cloud service. This applies to GitKraken cloud organizations only; On-Premise deployments manage data locally. SOC 2 reports are available for Business and Enterprise customers through the <a href=\"https:\/\/trust.gitkraken.com\/\" target=\"_blank\" rel=\"noopener\">Trust Center<\/a>.<\/p>\n<hr \/>\n<h2>What data does GitKraken.dev collect and how is it secured?<\/h2>\n<table>\n<thead>\n<tr>\n<th>Service<\/th>\n<th>What information are we collecting<\/th>\n<th>How is this information secured in the transfer<\/th>\n<th>Where is this information stored<\/th>\n<th>How is this information secured in storage<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Workspaces\/Insights<\/td>\n<td>Repo meta-data issues\/PR\u2019s<\/td>\n<td>Encrypted with TLS<\/td>\n<td>MongoDB Atlas<\/td>\n<td>Encrypted at rest (AES-256)<\/td>\n<\/tr>\n<tr>\n<td>Teams &amp; Users<\/td>\n<td>Repo-relative file paths, number of lines changed, name of branch currently checked out, first commit SHA of the repository<\/td>\n<td>Encrypted with TLS<\/td>\n<td>MongoDB Atlas<\/td>\n<td>Encrypted at rest (AES-256)<\/td>\n<\/tr>\n<tr>\n<td>Subscriptions<\/td>\n<td>Billing info: lastFour, name, type (credit card, paypal, ach&#8230;), zip, country, creditCard type (mastercard, visa&#8230;)<\/td>\n<td>Encrypted with TLS<\/td>\n<td>MongoDB Atlas<\/td>\n<td>Encrypted at rest (AES-256)<\/td>\n<\/tr>\n<tr>\n<td>Launchpad<\/td>\n<td>Storing meta-data for issues\/pull-requests\/URLs<\/td>\n<td>Encrypted with TLS<\/td>\n<td>Postgres (RDS)<\/td>\n<td>Encrypted at rest (AES-256)<\/td>\n<\/tr>\n<tr>\n<td>Cloud Patches<\/td>\n<td>Info related to the patch (repo name\/URL\/provider\/base branch name\/etc.) + the patch content itself.<\/td>\n<td>Encrypted with TLS<\/td>\n<td>Patch info is stored in a Postgres database, patch content is stored in AWS S3.<\/td>\n<td>SSE-S3, which uses 256-bit Advanced Encryption Standard (AES-256)<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>How to request a SOC 2 report<\/h2>\n<p>GitKraken and its tools are SOC 2 certified. To request a copy of the SOC 2 report, visit the <a href=\"https:\/\/trust.gitkraken.com\/\" target=\"_blank\" rel=\"noopener\">Trust Center<\/a> to start the request process. An MNDA (Mutual Non-Disclosure Agreement) is required before the report can be shared. Any member of a Business or Enterprise organization can initiate the request.<\/p>\n<div class=\"bbb-callout bbb--info\">\n<div class=\"irow\">\n<div class=\"ilogobox\">\n        <span class=\"logoimg\"><\/span>\n    <\/div>\n<div class=\"imsgbox\">\n       SOC 2 reports are only available for Business and Enterprise customers.\n    <\/div>\n<\/p><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Last updated: March 2026 GitKraken.dev encrypts all data in transit (TLS) and at rest (AES-256). This page describes what data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_searchwp_excluded":"","inline_featured_image":false,"footnotes":""},"categories":[66],"tags":[],"class_list":["post-11141","post","type-post","status-publish","format-standard","hentry","category-gk-dev"],"_links":{"self":[{"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/posts\/11141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/comments?post=11141"}],"version-history":[{"count":5,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/posts\/11141\/revisions"}],"predecessor-version":[{"id":17073,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/posts\/11141\/revisions\/17073"}],"wp:attachment":[{"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/media?parent=11141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/categories?post=11141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/help.gitkraken.com\/wp-json\/wp\/v2\/tags?post=11141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}