Security

Security at Voiceflow

Our top priority is delivering a performant platform that keeps customer data safe and end-user interactions secure.

Live compliance monitoring
Contact Sales
Compliance
ISO/IEC 27001:2022
A specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.
View compliance monitoring
SOC-2 compliant
Voiceflow is SOC-2 Type 1 compliant, with live monitoring towards SOC-2 Type 2 compliance. Our SOC-2 compliance is continually monitored by Drata.
View compliance monitoring
GDPR compliant
General Data Protection Regulation (GDPR) compliance meets the requirements for properly handling personal data as defined in the law.and advanced user permissions.
View compliance monitoring
ISO/IEC 27001:2022
A specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.
SOC-2 compliant
Voiceflow is SOC-2 Type 1 compliant, with live monitoring towards SOC-2 Type 2 compliance. Our SOC-2 compliance is continually monitored by Drata.
GDPR compliant
General Data Protection Regulation (GDPR) compliance meets the requirements for properly handling personal data as defined in the law.and advanced user permissions.
Trusted by the best in the business
Platform Security

Secure and scalable agents

Teams trust Voiceflow to build and deploy AI automation use cases securely and at scale.

Reliability

Reliablity

  • 24x7x365 system server monitoring and on-call support from dedicated cloud-ops team

  • Infrastructure hosted on Amazon Web Services (AWS) and Google Cloud Platform (GCP)

  • Annually tested business continuity and disaster recovery (DR) plans

  • Separate production and testing environments

  • Multi-availability zone (AZ) compute instances

  • Infrastructure as Code (IaaC) management of cloud resources to ensure repeatable and reliable changes.

Security

Security Features

  • Voiceflow follows secure credential storage best practices by storing passwords using one-way hash encrypted passwords (BCRYPT)

  • Audit logging and event alerting

  • Regular updates rolled out to all customers, ensuring everyone has the latest application and security innovation

  • User-managed workspace access control to govern sharing privileges

  • Application audit log that includes security events such as user logins or configuration changes.

  • Project history tracking and rollback capability

Data

Data Security

  • Encryption-at-rest with AWS/GCP KMS customer-managed keys (AES-256)

  • Geographically distributed and encrypted offsite backups

  • Fully managed multi-AZ database instances with point-in-time-restore (PITR)

Network

Network Security

  • A CDN-based Web Application Firewall (WAF) and (D)DOS mitigation technologies

  • Encryption-in-transit using industry-standard TLS v1.2+ to ensure that all traffic between users and Voiceflow is secure.

  • All cloud-internal traffic is encrypted with mTLS with short-lived per-application certificates

  • Tiered, firewalled, and segmented network infrastructure to ensure that communication between Voiceflow services is strictly controlled.

Launch

Organizational Security

  • Employee background and reference checks in accordance with local laws.

  • Annual employee security awareness training covers topics such as data privacy, information security, and password security.

  • Principle-of-least-privilege implemented across the organization for both information and resource access. tested business continuity and disaster recovery (DR) plans

  • Audit logging of all cloud resources

Analyze

Application Security

  • Automated vulnerability analysis via network, host, and application scans.

  • Code assessment through both automated and manual review processes governed by Voiceflow's document Software Development Life Cycle (SDLC) policy.

  • Annual external penetration testing on primary public-facing endpoints. Single Sign-On (SSO) support for enterprise users

dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page

"With Voiceflow, users were no longer led through fixed linear flows. They were engaged with a real experience, using natural language, which revealed true-to-life results."

James headshot
James Schneider
Head of UX Design

“Voiceflow has made creating conversation dialogue journeys easy and smooth. It has facilitated the collaboration and best practice sharing between people across different teams and countries.”

Illari headshot
Illaria Di Donfrancesco
Product Owner - AI Platforms

“Voiceflow has made creating conversation dialogue journeys easy and smooth. It has facilitated the collaboration and best practice sharing between people across different teams and countries.”

Illaria Di Donfrancesco
Product Owner - AI Platforms

"With Voiceflow, users were no longer led through fixed linear flows. They were engaged with a real experience, using natural language, which revealed true-to-life results."

James Schneider
Head of UX Design

Bug bounty program

If you discover a potential security vulnerability, please email security@voiceflow.com. Eligible submissions may qualify for our bug bounty program.

Voiceflow values the contributions of the security research community in helping us maintain a safe and secure platform. We provide safe harbor for good-faith security research conducted in accordance with this Vulnerability Disclosure Policy. This means that if you comply with the guidelines set forth in this policy, Voiceflow will not initiate legal action against you under the Computer Fraud and Abuse Act (CFAA), the Digital Millennium Copyright Act (DMCA), or similar laws in other jurisdictions. We ask that you refrain from publicly disclosing any potential vulnerability until our security team has had the opportunity to review and address it.

Enterprise

Build agents using any AI vendor in an enterprise cloud.

Voiceflow helps enterprise product teams securely build, test, launch, and manage conversational AI agents at scale.

Discover enterprise
graphic image for enterprise section
Your AI platform of record
Build, scale and collaborate on AI products in one, central place.
Get ideas to market fast
Accelerate AI product team workflows to ship with speed and accuracy that can effeciently scale.
Avoid vendor lock-in
Bet on AI, not single vendors. Agnostically adapt to changing LLM and NLU technologies.
Controlled customization
Build endless API-first data and interface integrations alongside any LLM models with secure guardrails.
Trusted by the best in the business
Community Ecosystem

Get started with help from
Voiceflow's global community.

Connect with other builders, share agent functions, and learn how to create advanced AI automations.

Discord Community

Join our fast-growing community of AI agent designers, developers, and builders.

YouTube Tutorials

Learn from video tutorials created by the Voiceflow team.

Templates

Discover our library of agent templates to help you get started with your use case.

Marketplace

Explore collections of agent-building resources created by the community.

Pathways Blog

A publication for designers,
developers, tinkerers, and trailblazers.

Workshops

Watch us make and break bots on the way to creating advanced AI agents.

Build AI Agents for customer support and beyond

Ready to explore how Voiceflow can help your team? Let’s talk.

Sign up free
ghraphic
Solutions
AI agentsIndustriesAutomate supportCall automationAnswering serviceCold callingAppointment bookingVirtual receptionist
© 2025 Voiceflow, Inc.
G2 badge of leader winter 2025G2 badge of leader small business winter 2025G2 badge of high performer winter 2025