Security is a critical component of Deno — its opt-in permission model is one of the main reasons developers use it. And our commitment to security extends beyond the runtime to Deno Deploy and all other aspects of our company. That’s why we’re excited to announce that Deno is compliant with SOC 2 standard for security, availability, and confidentiality.

What is SOC 2 Compliance?

SOC 2, or Service Organization Control 2, is a security framework and compliance standard developed by the American Institute of CPAs (AICPA) that ensures service providers securely manage their user data. This certification, reviewed and given by an external advisor, demonstrates that Deno uses best in class security practices to protect customer data.

Over the past several months, Deno has worked closely to ensure these areas of our organization met compliance requirements:

• Continuous security control monitoring
• Network and application layer penetration tests
• Automated data security and vulnerability checks
• Data encryption for both in transit and at rest

Learn more about SOC 2 compliance here.

What’s next?

Achieving SOC 2 compliance is just one milestone that demonstrates our commitment to security, compliance, and privacy. We will continue to build the most secure runtime environment, as well as an organization that adheres to the industry best practices when it comes to data security and governance.

Don’t miss any updates — follow us on Twitter.