ISO 27001 certified CMS
As an ISO 27001 certified CMS, Storyblok is one of the most secure, enterprise-grade CMSes available on the market. Storyblok is meticulously tested and monitored through best-in-breed security protocols. These protocols include regular code reviews, strict access control, anomaly detection and rigorous security testing.
Product Operations
All data stored on Storyblok is hosted on Amazon AWS in Frankfurt, Germany, with regular backups, recovery tests and continuous automatic security tests through Detectify, as well as regular penetration tests of the entire system.
Security team
Regular vulnerability and penetration testing by Storyblok's security team and by leading third-party security providers.
AWS environment
AWS environment safeguarded by a WAF (web application firewall), AI-based intrusion detection via Amazon GuardDuty and strong access control using certificate-based authentication.
Continuous monitoring
Continuous monitoring and automatic scaling during high demand periods ensure consistently fast response times and service availability.
Software Development
Storyblok incorporates industry-leading security measures into every aspect of the software development life cycle (SDLC). This ensures that every line of code we produce follows the highest security standards from inception through to development, QA testing, and release.
- Strict adherence to OWASP secure coding best practices and guidelines.
- Dedicated security code reviews, continuous security training, and security testing.
- Automated vulnerability testing, scans, anomaly detection, and automated dependency updates.
Data Privacy and Protection
Our data privacy and protection protocols go well beyond compliance. For us, data privacy is not just a checklist. It is one of our driving principles. Our desire to safeguard and protect this principle encompasses every aspect of our company, from software development to employee operations.
Data encryption
Data encryption (both in transit and at rest) employing key lengths and algorithms approved by industry-leading standards.
Company-wide protocols
Company-wide protocols including strict access control, centralized endpoint management, mandatory security checks and regular security awareness training.
GDPR compliant
GDPR compliant data storage, management and data processing.
Security standards & certificates
ISO 27001
Storyblok is ISO 27001 certified. This recognizes that all our products, operations, support processes and data storage protocols meet the highest international security standards.
OWASP code review
The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software.
GDPR
The General Data Protection Regulation (GDPR) is among the toughest privacy and security laws in the world. Storyblok is fully GDPR compliant.
WAF
A Web Application Firewall protects web applications by monitoring and filtering traffic.
Amazon GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity.