Your Backend is Secure

Xano's Certifications

Security measures, procedures, controls, and practices intended to keep your data safe.

ISO 27001:2013 Information Security Management System

ISO 27001 is the only auditable international standard that defines the requirements of an information security management system (ISMS). An ISMS is a set of policies, procedures, processes, and systems that manage information risks, such as cyber-attacks, hacks, data leaks or theft.

GDPR

Xano offers a GDPR-compliant DPA - Data Processing Agreement, allowing customers with GDPR contractual obligations. GDPR-compliant DPA is available for Launch, Scale, Enterprise & Agency Plans

SOC 2 (Coming Q1 2023)

While Xano is already is compliant with all of the controls and measures of SOC 2, we're in the process of getting our official certification and will have it by the beginning of 2023.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) requires the protection and confidential handling…

ISO 9001:2015 Quality Management System

ISO 9001:2015 serves as the quality benchmark for an array of organizations located across the globe. It is a crucial framework for businesses to judge & maintain their internal processes according to a fixed set of quality guidelines.

Penetration Testing With Network Scan

PCI ASV compliance from ServerScan - Scans are ASV-Certified by the PCI Security Standards Council, and satisfy the external network scanning requirement for your PCI DSS Compliance (Requirement 11.2.2). During a PCI scanning process, the vulnerability testing engine performs a series of automated security assessments against our infrastructure at the designated IP or FQDN.