Security at Fuse

We take great pride in our robust security protocols and are devoted to upholding the highest levels of security excellence.

SOC 2 Type 2

We're committed to securely managing the privacy of our clients.

SSO/SAML Login

Securely authenticate with platforms like Okta, Auth0, and more.

Automated Backups

Backups occur every hour and are persisted for 1 month.

HTTPS/SSL by default

Industry standard encryption by default with the Fuse platform.

Employee training & awareness

Employees are prepared to handle customer data securely, decreasing the chances of human error or intentional data breaches.

Secure Policies & Procedures

We have established and tested controls to protect customer data and effectively respond to security incidents.

View our Trust Report.

Our infrastructure, organisation and products are monitored in real time on an ongoing basis by Vanta to ensure we always remain compliant and secure.

Frequently asked questions

Is Fuse SOC 2 complaint?
Yes, Fuse is SOC2 Type 2 compliant. Contact us for our letter of engagement.
Is Fuse PCI complaint?
Fuse does not store personal credit card information for any of our customers. We use Stripe to securely process transactions and trust their commitment to best-in-class security. Stripe is a certified PCI Service Provider Level 1, which is the highest level of certification in the payments industry.
Does Fuse encrypt data?
Yes. Data is encrypted at rest (AES-256) and in transit (HTTPS / TLS), including sensitive information like access tokens and secrets.
Does Fuse backup data on it's platform?
Yes. Our current backup interval is every hour and each backup is persisted for 1 month. Automatic backups are taken without affecting the performance or availability of the database operations. All the backups are stored separately in a storage service, and those backups are globally replicated for resiliency against regional disasters. If a database instance is deleted, all associated backups are also automatically deleted. Backups are periodically tested by the Vercel engineering team.
What infrastructure do you use?
Fuse uses Amazon Web Services (AWS).
Does Fuse run vulnerability scans and penetration testing?
Yes. We conduct regular penetration testing through third-party pen testers. On top of that, we also have daily code reviews, static analysis checks, and dependency vulnerability scans through GitHub and Vanta. Our Enterprise customers have access to our latest pen test reports.
Does Fuse run penetration testing?
We also have daily code reviews, static analysis checks, and dependency vulnerability scans through GitHub and Vanta.
What if something becomes non-compliant?
Should something become non-compliant, our compliance automation platform would promptly detect the issue and alert us. This enables us to swiftly address the problem and regain compliance. By employing a compliance automation platform, we can stay ahead of our compliance responsibilities and take proactive measures to ensure continued compliance with relevant security practices and standards. This instills confidence in providing a secure environment for our clients and stakeholders while helping us preserve our reputation as a dependable and trustworthy organization.

Report Fuse security concerns.

Get in touch with our security team to disclose any security vulnerabilities.