Supabase is now both SOC2 Type 1 and SOC2 Type 2 compliant, indicating its adherence to critical security standards.
SOC2 is focused on 5 Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy, essential for SaaS companies.
Supabase selected Vanta as a compliance monitoring tool for its compatibility with their systems and support for multiple compliance standards.
The proactive approach in choosing an auditor familiar with SaaS and the use of Vanta streamlined the audit process.
Supabase utilized the SOC2 audit not merely as a compliance exercise but as a framework to codify their security practices and improve overall security.

Supabase is an open source platform providing developers with tools to quickly build and scale applications. It serves as an alternative to Firebase, offering a range of features including a full Postgres database, authentication services, instant APIs, Edge Functions, real-time data subscriptions, storage solutions, and vector embeddings for machine learning models. Supabase emphasizes developer experience with easy setup, maintenance-free scaling, and immediate API generation from database schemas. It supports various user authentication methods, allows for custom security policies, and fosters a community-oriented ecosystem. It is tailored for both rapid prototyping and large-scale production deployments.

Supabase

Supabase provides scalable open source backend services with Postgres database.

Authentication-as-a-service

Supabase Achieves SOC2 Compliance

Recent Certification News