Releasedog stores release notes, not secrets. Still, we treat every byte like it matters — because your work does. Here's how we keep it safe.
last updated: April 20, 2026
All traffic uses TLS 1.3. Data is encrypted at rest with AES-256 via our managed Postgres provider.
Hosted on Vercel with Neon Postgres. Automatic scaling, DDoS protection, and region-pinned data.
Sessions managed by Better Auth with rotating tokens, bcrypt password hashing, and rate-limited sign-in.
Admin access is gated by SSO and audited. No engineer accesses production customer data for debugging.
Errors, anomalies, and sign-in patterns are tracked in real time. On-call engineers get paged within minutes.
We follow SOC 2 controls today and are working toward a formal Type II report. Happy to share details on request.
We're a small team, so we pick battles carefully. These are the ones we fight by default.
We're building toward formal certifications. In the meantime we operate to the same controls and can share our policies on request.
Think you found something? We appreciate responsible disclosure. Email us and we'll respond within one business day.
security@releasedog.comWe publish real-time status and historical uptime. If something breaks, we post about it there first.
View status pagethis page is a living document — we update it as we ship