We’re security people at heart.

That's why we’re building our company, product, and services to be highly secure and trustworthy from the start. We hope you’ll join us.

Our security program

We take a security-first approach to everything we build, from design through deployment, ensuring that we have the right infrastructure, automation, and monitoring in place. Learn how we protect your data and trust with our privacy, security, and compliance practices.

Data security

We encrypt data at every point in transit with TLS v1.2+ and at rest with AES-256. We conduct regular data backups and third-party risk reviews. We make it easy for you to fully erase your data.

Identity and access

We enforce a least-privilege model, strict password security, access logging, MFA, and SSO for access to sensitive data and resources.

Application security

Our development best practices include continuous code analysis, vulnerability scanning, and secrets management. For responsible disclosure, please notify us at security@nudgesecurity.com

Infrastructure security

We build with microservices and serverless architecture in AWS. We implement least-privileged access, logical tenant separation, and continuously monitor all environments.

Secure by design

As a security-focused startup, we are taking a security-first approach as we build each facet of our service and company. It's what we've always dreamed of. 

Certified from the start

That's our goal, and it's why we're already SOC 2 type II certified.

Serious about privacy

Your data belongs to you. We make it simple for you to manage your data and privacy rights while using our services.

Email Security

Our product is less invasive than a spam filter, with no permanent storage of email and no human access, ever.

Learn more

See what you've been missing.