Security

Security at Voiceflow

Our top priority is delivering a performant platform that keeps customer data safe and end-user interactions secure.

Compliance
ISO/IEC 27001:2022
A specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.
SOC-2 compliant
Voiceflow is SOC-2 Type 1 compliant, with live monitoring towards SOC-2 Type 2 compliance. Our SOC-2 compliance is continually monitored by Drata.
GDPR compliant
General Data Protection Regulation (GDPR) compliance meets the requirements for properly handling personal data as defined in the law.and advanced user permissions.
Trusted by the best in the business
Platform Security

Secure and scalable agents

Teams trust Voiceflow to build and deploy AI automation use cases securely and at scale.

Reliability

Reliablity

  • 24x7x365 system server monitoring and on-call support from dedicated cloud-ops team

  • Infrastructure hosted on Amazon Web Services (AWS) and Google Cloud Platform (GCP)

  • Annually tested business continuity and disaster recovery (DR) plans

  • Separate production and testing environments

  • Multi-availability zone (AZ) compute instances

  • Infrastructure as Code (IaaC) management of cloud resources to ensure repeatable and reliable changes.

Security

Security Features

  • Voiceflow follows secure credential storage best practices by storing passwords using one-way hash encrypted passwords (BCRYPT)

  • Audit logging and event alerting

  • Regular updates rolled out to all customers, ensuring everyone has the latest application and security innovation

  • User-managed workspace access control to govern sharing privileges

  • Application audit log that includes security events such as user logins or configuration changes.

  • Project history tracking and rollback capability

Data

Data Security

  • Encryption-at-rest with AWS/GCP KMS customer-managed keys (AES-256)

  • Geographically distributed and encrypted offsite backups

  • Fully managed multi-AZ database instances with point-in-time-restore (PITR)

Network

Network Security

  • A CDN-based Web Application Firewall (WAF) and (D)DOS mitigation technologies

  • Encryption-in-transit using industry-standard TLS v1.2+ to ensure that all traffic between users and Voiceflow is secure.

  • All cloud-internal traffic is encrypted with mTLS with short-lived per-application certificates

  • Tiered, firewalled, and segmented network infrastructure to ensure that communication between Voiceflow services is strictly controlled.

Launch

Organizational Security

  • Employee background and reference checks in accordance with local laws.

  • Annual employee security awareness training covers topics such as data privacy, information security, and password security.

  • Principle-of-least-privilege implemented across the organization for both information and resource access. tested business continuity and disaster recovery (DR) plans

  • Audit logging of all cloud resources

Analyze

Application Security

  • Automated vulnerability analysis via network, host, and application scans.

  • Code assessment through both automated and manual review processes governed by Voiceflow's document Software Development Life Cycle (SDLC) policy.

  • Annual external penetration testing on primary public-facing endpoints. Single Sign-On (SSO) support for enterprise users

dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page
dashboard for platform page

"With Voiceflow, users were no longer led through fixed linear flows. They were engaged with a real experience, using natural language, which revealed true-to-life results."

James headshot
James Schneider
Head of UX Design

“Voiceflow has made creating conversation dialogue journeys easy and smooth. It has facilitated the collaboration and best practice sharing between people across different teams and countries.”

Illari headshot
Illaria Di Donfrancesco
Product Owner - AI Platforms

“Voiceflow has made creating conversation dialogue journeys easy and smooth. It has facilitated the collaboration and best practice sharing between people across different teams and countries.”

Illaria Di Donfrancesco
Product Owner - AI Platforms

"With Voiceflow, users were no longer led through fixed linear flows. They were engaged with a real experience, using natural language, which revealed true-to-life results."

James Schneider
Head of UX Design
Enterprise

Build agents using any AI vendor in an enterprise cloud.

Voiceflow helps enterprise product teams securely build, test, launch, and manage conversational AI agents at scale.

graphic image for enterprise section
Your AI platform of record
Build, scale and collaborate on AI products in one, central place.
Get ideas to market fast
Accelerate AI product team workflows to ship with speed and accuracy that can effeciently scale.
Avoid vendor lock-in
Bet on AI, not single vendors. Agnostically adapt to changing LLM and NLU technologies.
Controlled customization
Build endless API-first data and interface integrations alongside any LLM models with secure guardrails.
Trusted by the best in the business
Community Ecosystem

Get started with help from
Voiceflow's global community.

Connect with other builders, share agent functions, and learn how to create advanced AI automations.

Build AI Agents with control

Ready to explore how Voiceflow can help your team? Let’s talk.

ghraphic