Postman Trust Center
Learn why 35 million developers and 500,000 organizations worldwide trust and rely on the Postman API Platform.
Sustaining a partnership of trust
The Postman Trust Center provides information on our product security, privacy, compliance, and reliability. We aim to give you transparency around our practices, standards, and policies in place to secure our corporate environment.
Security
Security is a priority in every stage of our product development, enabling us to layer protections early and often.
Compliance
Postman complies with global industry standards on data security and privacy, including the European Union's General Data Protection Regulation and the California Consumer Privacy Act.
Privacy
We respect your privacy preferences and give you control over your data. We also have privacy controls to limit personal data collection, and such activities comply with global regulatory requirements.
Reliability
You depend on Postman products for your API lifecycle. We design with reliability in mind so you and your team can confidently use Postman.
Security and trust FAQ
Find answers to some of our company's most common security questions.
Security content hub
Access reports, blogs, and resources from Postman's global team on topics including API security, product safety and trust.
Regulatory compliance and standards
We comply with industry standards and regulations to protect our corporate and customer data.
General Data Protection Regulation (EU GDPR)
System & Organization Controls (SOC 2 & SOC 3)
Payment Card Industry Data Security Standard (PCI DSS)
CSA STAR Level One
Postman Security and Trust Portal
Access Postman's security and compliance documents on our Security and Trust Portal, such as penetration testing and audit reports.
Postman shared responsibility model
Data security is a shared responsibility between Postman and users. Please explore our guide covering the best practices you should follow to secure your data and credentials in Postman.
Contact Postman Security
Postman Security protects your data and helps secure your APIs. We provide security and governance features, workshops, and trusted information.
If you want additional information about our security policies, please contact us at security@postman.com. You can use our PGP public key to encrypt your communications with us.
To report a vulnerability, check out our reporting page on HackerOne. Security researchers should also review our security guidelines and policy for reporting security vulnerabilities through our bug bounty program.
Report potential abuse
Please contact our customer support team or security@postman.com to report potentially abusive behavior or malicious activity involving Postman accounts or resources.
500,000 companies use Postman
Many of the world's top organizations, including 98% of the Fortune 500, are using the Postman API Platform today.
2024 State of the API report is here!
Discover key API trends from 5,600+ devs and API professionals in Postman's annual report.