
Xano Security and Compliance

Xano is dedicated to the safeguarding of customer data. Security is placed at the forefront of our product strategy, emphasizing its utmost importance. In constructing our platform, we adhere to the industry's finest practices, ensuring it is robust, scalable, and fortified against potential threats. Continuous vigilance and periodic evaluations of our program are conducted to guarantee that it aligns with, or surpasses, the standards of compliance and regulatory obligations.

Jacques Antikadjian: Co-Founder & CSO

Compliance

Compliant with the highest software and security standards

ISO 27001
ISO 9001
ISO 27701
GDPR
SOC 2
CPRA
LGPD
PIPEDA
FERPA
HIPAA
PCI
PDPA
PPIPA
CCPA
PPIP
SOC 3
CMMC (Pending)
NIST (Pending)

Audits & documents

Product Security
  • Multi-Factor Authentication
  • Audit Logging
  • SSO Support
  • Role-Based Access Control

Reports
  • PCI DSS (ASV Network Scan)
  • Pentest Report
  • Network Diagram
  • SOC 3 Report

Access Control
  • Data Access
  • Logging
  • Password Security

App Security
  • Code Analysis
  • Software Development Lifecycle
  • Vulnerability & Patch Management

Data Privacy
  • Cookies
  • Geolocation Privacy
  • Employee Privacy Training

Data Security
  • Access Monitoring
  • Backups Enabled
  • Encryption-at-rest
  • Data Erasure

Endpoint Security
  • Endpoint Detection & Response (EDR)

Self-Assessments

We are working on our security compliance. We can provide completed questionnaires upon request.

Security Grades

We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.

ESG
  • Anti-Bribery and Corruption
  • Environmental Stewardship
  • Carbon Neutrality
  • Diversity, Equity, and Inclusion

Infrastructure
  • Anti-DDoS
  • Google Cloud Platform

Corporate Security
  • Internal Assessments
  • Penetration Testing
  • Email Protection
  • Internal SSO

Legal
  • Data Processing Addendum (DPA)
  • Terms & Conditions
  • Subprocessors
  • Privacy Policy

Network Security
  • Firewall

Policies
  • Patch Management Life Cycle
  • Next Generation Antivirus (NGAV) Policy
  • Threat & Vulnerability Management Policy
  • Government Data Request Policy

Risk Profile
  • Recovery Time Objective
  • Critical Dependence
  • Recovery Point Objective
  • Impact Level