• Formerly Platform.sh

Secure, compliant application environments by default

Security and Compliance on Upsun are built into the platform, not added as optional layers. Applications inherit a hardened security posture and compliance-ready controls across all environments, from preview to production.

This capability is designed for leadership, developer, platform engineering and DevOps teams that need to meet strict security and regulatory requirements without slowing development or building custom controls.

What this enables

Security and compliance controls are applied at the platform level and managed centrally, allowing teams to:

  • Enforce consistent security controls across all environments
  • Meet regulatory and audit requirements with less manual effort
  • Reduce risk without blocking developer workflows

How it works

Secure-by-default platform design

Upsun environments run with a read-only file system and a controlled execution model. Changes are introduced through the Git-based build and deploy workflow, which reduces the attack surface and prevents configuration drift. Core security controls are enforced automatically, without requiring application-level customization.

Built-in compliance controls

Upsun provides a platform foundation aligned with common compliance requirements, with certifications and guidance documented in the Trust Center. Infrastructure, processes, and operational practices are designed to support audits and regulatory requirements on an ongoing basis.

Continuous updates and patching

Security patches and platform updates are applied regularly by Upsun. Teams do not need to track or manually apply infrastructure-level fixes, reducing exposure to known vulnerabilities.

What this solves

Inconsistent security practices

When teams manage security individually, controls vary by project. Upsun allows you to enforce consistent standards across all applications and environments.

Manual compliance overhead

Meeting compliance requirements often requires significant operational effort. Platform-level controls reduce the burden on engineering teams.

Risk introduced by speed

Fast-moving teams can unintentionally introduce security gaps. Upsun provides guardrails that allow teams to move quickly without compromising security.

Key capabilities

  • Read-only file systems and hardened runtime environments
  • Automated TLS certificates and encrypted data paths
  • Built-in network isolation and traffic controls
  • Role-based access control and user management
  • Regular, managed security updates and patches
  • Support for audit and compliance frameworks

Enterprise considerations

Auditability and traceability

Configuration changes are versioned in Git and platform activities have accessible logs for audit. This supports internal reviews and external audits without additional tooling.

Access governance

Permissions are centrally managed, making it easier to enforce least-privilege access and adapt to organizational changes.

Data protection

Upsun supports encryption in transit and at rest, as well as region-specific deployment to meet data residency and sovereignty requirements.

How teams use this in practice

Regulated environments

A financial services team runs customer-facing applications with platform-level security controls that align with regulatory requirements.

Enterprise access management

A platform team enforces role-based access across multiple projects, ensuring developers and operators have appropriate permissions.

Continuous compliance

An organization relies on Upsun’s managed updates and auditability to maintain compliance as applications evolve.

Get started

Use Security and Compliance to protect applications and meet regulatory requirements without slowing delivery.


Compliant and validated

  • ISO/IEC 27001
  • SOC 2 Type 2
  • PCI L1
  • HIPAA
  • TX-RAMP

© 2026 Upsun. All rights reserved.