Crunchy Data Security

Security focused practices and supporting open source

Crunchy Data provides products, support, and services for PostgreSQL related needs. Crunchy Data authors and contributes to a number of PostgreSQL community projects, including upstream PostgreSQL itself, and Crunchy Data authored tools such as PGO: The Postgres Operator. Crunchy Data applies security best practices to all Crunchy Data products and packages.

Security Assessments & Compliance

Crunchy Data infrastructure for Crunchy Bridge leverages cloud infrastructure providers including Amazon Web Services, Heroku, Google Cloud Platform, and Microsoft Azure. All other Crunchy Data products and software are self managed on Crunchy Data infrastructure.

Crunchy Data has SOC2 for Crunchy Bridge and other Crunchy managed infrastructure. For information regarding Crunchy Data SOC2 compliance, please contact

Third party security testing of Crunchy Bridge is performed by independent and reputable security consulting firms. Findings from each assessment are reviewed with the assessors, risk ranked, and assigned to the responsible team.

Vulnerability Reporting

If you would like to report a vulnerability or have a security concern regarding any Crunchy Data packages or products please email

For Crunchy Data customers, with other security questions please open a support ticket.

Contact us