Is Figma safe?
Review Figma security risks.

Nudge Security provides security profiles for thousands of SaaS apps, including Figma. This public profile has the basics you’ll need for a vendor risk assessment. For more details on Figma, including breach history, start a free trial of Nudge Security.
Try Nudge Security
Explore demos
Try it free
Explore demo
Security ProfilesDesignFigma
Figma Security Profile

CATEGORY

Design

Organization Details

What is

Figma

?

Build better products as a team. Design, prototype, and gather feedback all in one place with Figma.

HEADQUARTERS

United States

HOSTING

HOSTING LOCATION

Who's Using Figma in your org?

Nudge Security discovers every user for every SaaS app within minutes of starting a free trial. No credit card required.

Learn how

Security Program

SECURITY CERTIFICATIONS

SOC2 Compliance
PCI Compliant
HIPAA Compliant
SOC2 Compliance
SOC 2 Compliant
GDPR Compliant
ISO 27001 Compliant
FedRamp Compliant
CSA Star Level 1
Compliant

SECURITY PAGE

https://figma.com/security/

SECURITY PORTAL

VULNERABILITY DISCLOSURE

https://hackerone.com/figma

TERMS OF SERVICE

https://www.figma.com/developer-terms/
Figma breach history
Has Figma experienced a recent breach? Start a free trial of Nudge Security for a full breach history and more security program details.
Learn more

Authentication

AUTHENTICATION / SSO

Supported Okta Features
  • SAML
  • Create
  • Update
  • Deactivate
Login with Google support
Login with Microsoft support
Supports SSO
Two-factor authentication via SMS
Two-factor authentication via E-mail
Two-factor authentication via Hardware
Two-factor authentication via Software
Two-factor authentication via TOTP
Two-factor authentication via U2F

oauth details

  • 532352704633-6pkces9iboppp465idnovkcqtlsa8j7t.apps.googleusercontent.com - Figma
  • E-mail: support@figma.com
  • Terms of Service:
  • Privacy Policy: https://www.figma.com/tos
  • 532352704633-bikogglp6jd4ouavq3gr8bf82bvt8p58.apps.googleusercontent.com - Figma
  • E-mail: support@figma.com
  • Terms of Service:
  • Privacy Policy: https://www.figma.com/tos
  • 68994840458-eaosee3tcba6dmdsdjk4ev1ie5dbob2q.apps.googleusercontent.com - Figma
  • E-mail: gcp-developers@figma.com
  • Terms of Service: https://lh3.googleusercontent.com/DZxpuz7RRxvCy9CMAXG6qP9iuTFJINhsCm9YBvQZ9JE5uCWDE7OUM6BzFdsyDQSKLQ9k
  • Privacy Policy: https://figma.com/tos
  • 1035183305161-023t9bv45iaqkhk2skm1ph1oh7t5viq9.apps.googleusercontent.com - Figma
  • E-mail: figma-extensions@figma.com
  • Terms of Service: https://lh3.googleusercontent.com/GEZ9vr5DklnzJ-3wQiRQVRs3nP1Hx9qS6p_grnoARb5v_u3uJtstSTadab-bdnAaXQ
  • Privacy Policy: https://www.figma.com/tos/
Figma OAuth Grants
Is Figma connected to your other business apps? Start a free trial of Nudge Security to see all app-to-app OAuth grants.
Learn more

Supply Chain

Apps in Figma's supply chain
  • Swoogo
  • CloudApp
  • Marketo
  • Shopify
  • Statuspage
  • Splash
  • Bevy
  • Amazon Web Services (AWS)
  • Netlify
  • Discourse
  • Zendesk
  • BigMarker.com
  • Greenhouse Software
  • Google Workspace
  • Stripe
  • Segment
  • Google Analytics
  • Dropbox
  • Drift
  • Outreach.io
  • Figma
  • Wiz
  • Fastly
  • Apple Business Manager
  • Zoom Video Communications
Figma supply chain breach history
What's in Figma's SaaS supply chain? Start a free trial of Nudge Security to manage software supply chain security at scale.
Learn more

Subdomains

Figma subdomains
  • releases.figma.com
  • forum.figma.com
  • brand.figma.com
  • font-daemon.figma.com
  • cdn.figma.com
  • store-eu.figma.com
  • help.figma.com
  • go.figma.com
  • config.figma.com
  • store-uk.figma.com
  • forms.figma.com
  • static.figma.com
  • api-cdn.figma.com
  • store-ca.figma.com
  • friends.figma.com
  • events.figma.com
  • status.figma.com
  • store.figma.com
  • desktop.figma.com
  • store-jp.figma.com
  • info.figma.com
  • share.figma.com
  • schemavirtual2022.figma.com
  • hello.figma.com

Regain control of SaaS security.

Nudge Security discovers all SaaS accounts ever created by anyone in your org within minutes of starting a free trial. Get a full SaaS inventory today, along with insights and automation to improve your SaaS security posture.

Try it free
Explore demos
Try it free
Explore demos

Let’s stay in touch.

Sign up for product updates, resources, and news. We promise we'll never send you spam. Or boring emails. Ever.
Product
OverviewChangelogPricingStatus
Resources
FAQSecurity ProfilesSaaS Security GlossaryKnowledge BaseAPI Documentation
Company
Our ApproachOur TeamPress
Assurance
Trust & SecurityTerms & ConditionsPrivacy PolicySitemap

Use Cases

SaaS Security
SaaS Security Posture Management (SSPM)Audit & ComplianceSaaS Attack SurfaceAccount Takeover Detection
SaaS Management
Shadow ITSaaS SpendCloud GovernanceAI Security
Third-Party Risk Management
Supply Chain SecurityOAuth Risk Management
Identity Governance
User Access ReviewsEmployee OffboardingSSO Onboarding
© {year}, Nudge Security
1401 Lavaca St, Suite 40219
Austin, TX  78701