Security at
Better Stack

Better Stack is relied on by the best teams to spot, resolve, and prevent downtime.

Relied on by the world’s best engineering teams

Better Stack customers include Redis, Octopus Deploy, Accenture, Raspberry Pi Foundation, Brave, Drata, Unicef, Canada, Decathlon, Raycast, Ametek, Align, Salesforce and Time magazine

SOC 2 Type 2

Fly through your SOC 2 audit with
compliant monitoring tools by Better Stack.


Stay compliant with the EU's General Data Protection Regulation (GDPR).

SSO/SAML sign-in

Securely authenticate with Okta, Azure or Google.

Automated backups

We store your data redundantly to prevent data loss.

HTTPS/SSL by default

Built-in industry-standard encryption by default.

Frequently asked questions

At Better Stack, we design our products and processes with security in mind. We follow industry-standard best practices to keep your data safe.

Is Better Stack SOC 2 compliant?
Yes, Better Stack is SOC2 Type 2 compliant. Contact us for more details or to access the latest report.
Is Better Stack GDPR compliant?
Yes. For more information, see our Data Processing Agreement. By default, all data is stored in the EU regions in GDPR-compliant DIN ISO/IEC 27001-certified data centers.
Is Better Stack HIPAA compliant?
Better Stack is currently not HIPAA compliant. Contact us if HIPAA is important for you, and we can share more details.
Is Better Stack PCI compliant?
Better Stack does not store personal credit card information for any of our customers. We use Stripe to securely process transactions and trust their commitment to best-in-class security. Stripe is a certified PCI Service Provider Level 1, which is the highest level of certification in the payments industry.
Does Better Stack encrypt data?
Relevant data is encrypted at rest (AES-256) and in transit (HTTPS/TLS).
Does Better Stack back up the data?
Yes. Automated backups are run regularly and data is stored redundantly where appropriate to prevent data loss.
Does Better Stack offer custom data locations?
Yes. We offer custom data locations for enterprise accounts. Contact us to discuss a preferred data location.
Do you conduct regular penetration testing and vulnerability scans?
Yes. We conduct regular penetration testing through third-party pen testers. In addition, we run frequent code reviews, static analysis checks, and dependency vulnerability scans. Our enterprise customers have access to our latest pen test reports.

Is your question not listed here? Please get in touch at

Report a security vulnerability

Get in touch with our security team to disclose any security concerns.

Contact us