Security & Compliance
Enterprise-grade security with US-based infrastructure. Your artifacts are protected with industry-leading security practices and compliance standards, backed by 10 years of proven security excellence.
Looking for security documentation, our DPA, or subprocessor list?
Visit our Trust CenterInfrastructure
US-Based Infrastructure You Can Trust
CloudRepo is a US-based company headquartered in the United States of America. All of your data is stored exclusively in the United States, meeting strict data residency requirements for financial services and other regulated industries.
- US-Only Data Residency
-
Primary hosting in AWS US-West (N. California) data center. All artifact storage in Amazon S3 and metadata in DynamoDB within the same US region. All customer artifacts and account data are stored exclusively in the United States (AWS US-West). Certain operational subprocessors may process limited categories of operational data in other jurisdictions — see our subprocessor list for details.
- Geographic Redundancy
-
Data replication across multiple US data centers for disaster recovery and high availability. AWS Shield Standard provides baseline DDoS protection across all resources.
- Future: Data Center Choice
-
Coming in 2026: Choose your data residency location. EU customers will be able to store data exclusively in EU data centers, meeting GDPR locality requirements.
Security Model
Enterprise-Grade Security Practices
Your artifacts are protected with industry-leading security standards and best practices at every layer.
- Encryption Everywhere
- TLS 1.2+ encryption for all data in transit. AES-256 encryption at rest for all stored artifacts. Your code is always encrypted, both in flight and at rest.
- Access Control & Authentication
- Token-based authentication, granular repository permissions, and team-level access controls. SCIM 2.0 for enterprise user provisioning. SSO/SAML integration on our roadmap — tell us which identity providers you need.
- Data Redundancy & Backups
- Automated backups with point-in-time recovery. Multi-region replication for disaster recovery. 99.999999999% (11 nines) durability with our Amazon S3 backed storage.
- Network Security
- AWS Shield Standard DDoS protection, VPC network isolation, and security group enforcement. Infrastructure hardening and regular security patching across all systems.
- Monitoring & Incident Response
- Automated system monitoring and alerting via CloudWatch and Grafana. Security event logging and analysis. Documented incident response procedures.
- Vulnerability Management
- We recommend integrating dependency vulnerability scanning tools like Snyk, Dependabot, or Trivy into your CI/CD pipeline. CloudRepo supports this workflow through standard artifact upload and download APIs.
Compliance
Transparency Over Certifications
CloudRepo does not currently hold SOC 2 or ISO 27001 certifications. Instead, we provide complete transparency about our security practices and partner exclusively with certified vendors.
- SOC 2 Certified Vendors
- Every subprocessor we use — AWS, Braintree, Postmark, and others — holds SOC 2 certification. View our complete subprocessor list.
- GDPR Ready
- Data Processing Agreement available. Data deletion requests processed within 30 days. Full compliance with GDPR and CCPA requirements. Download our DPA.
- Security Documentation
- Comprehensive Security Practices Document, Compliance Status Letter, and published Subprocessor List. Visit our Trust Center to download.
- Zero Security Breaches
- No security breaches in company history. No known data breaches. Security issues triaged within 24 business hours at security@cloudrepo.io.
Architecture
Built on Cloud-Native Infrastructure
CloudRepo leverages AWS's world-class infrastructure for reliability, performance, and security.
Storage Layer
All artifacts stored in Amazon S3 with 99.999999999% durability. S3 versioning enabled for artifact history. Server-side encryption with AES-256.
Metadata & Database
Amazon DynamoDB for fast, scalable metadata storage. Multi-region replication for disaster recovery. Automated backups with point-in-time recovery.
Compute & Application
Cloud-native architecture on AWS for high availability. Multi-AZ redundancy with no single points of failure.
Network & Delivery
AWS Shield Standard for DDoS protection. VPC isolation and security groups for network segmentation. TLS 1.2+ encryption for all connections.
Questions about security?
We're happy to discuss our security practices, compliance roadmap, and how we protect your artifacts. Contact us for more details.