Security at DeepSource

We follow a comprehensive set of practices and policies to make sure our systems, thus our users' data, is secure.

3,000+ companies trust DeepSource to ship clean and secure code

Sandboxed analysis environments

All our repository operations and analysis runs are executed in a secure sandbox. Each sandbox is restricted to access data only within its scope.


We use OAuth tokens as our authentication mechanism to access source code from the supported source code hosting providers.

Data center security

DeepSource’s infrastructure runs on data centers provided by Google Cloud Platform which follows stringent security practices.


All data we process and store are backed up frequently to multiple regions.


All data exchanged with DeepSource is transmitted over TLS.


We have your data security needs covered.

DeepSource is SOC 2 Type II compliant. SOC 2 ensures that we follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of user data.

DeepSource is compliant with the General Data Protection Regulation (GDPR). To learn more about how we collect, keep, and process your private information in compliance with GDPR, please view our privacy policy.

Responsible disclosure

Data security is a top priority for DeepSource, and we believe that working with skilled security researchers can identify weaknesses in any technology.


DeepSource is always open to feedback, questions, and suggestions. If you would like to talk with us, please email at

Shift left, enterprise-grade.

Start building with the most sophisticated static analysis platform for your workflow and prevent bugs before they end up in production.

Deploy on-premise to have absolute control of your data

Onboard thousands of repositories in minutes, not months

Save over 4 hours on average per developer every week