Security overview
Netlify can meet the complex security and compliance needs of Enterprises and cross-functional teams with customizable access to production and preview sites, SAML SSO login, SCIM provisioning, role-based access control, Firewall traffic rules, and more.
# Check your security posture
If you have an Enterprise plan, you can improve your team’s security and reduce your vulnerabilities by reviewing the Security Scorecard for your Enterprise team.
You can also check out the security checklist for more details on how Netlify can improve your security.
# Secure access to sites
Customize access control for your sites with a password prompt, login credentials, or based on site visitors’ IP address or location.
Learn more about Secure access to sites.
# Secure Netlify access
Secure how people can access your Netlify team, resources, and sensitive information with these security features:
- SAML SSO login through an identity provider
- SCIM Directory Sync to provision users
- Secrets Controller, which allows you to protect your most sensitive secrets
- Role-based access control
- Enforce 2FA
Learn more about Secure access to Netlify
# Secure by design and at scale
Netlify’s Frontend Cloud has a reduced attack surface, offering security by design.
Netlify also offers these security features to help you stay secure as you scale:
- Proactive DDoS monitoring
- TLS encrypted traffic and tokens
- Content Security Policy
# Compliance and Certifications
- SOC 2 Type 2 and ISO 27001 reports available
- PCI and GDPR
- CCPA and PCI-DSS
For the latest compliance news, check out the Netlify trust center.
# More security resources
Did you find this doc useful?
Your feedback helps us improve our docs.