Safe, Secure & Private
Build protects your knowledge and your data with enterprise-grade security and compliance.
Least-privilege access
Production permissions are restricted to the minimum necessary, with quarterly access reviews and multi-factor authentication required for all production platform access.
SOC 2 Type II compliant
Security policies and procedures are documented and reviewed annually, with comprehensive controls monitored across 25 categories.
Continuous monitoring
Centralized log collection and intrusion detection monitor production systems, with alerts routed to security personnel to investigate and respond to events.
Encrypted in transit and at rest
Sensitive databases are encrypted at rest, and data in transit is encrypted using industry-standard protocols to prevent interception over public networks.
Audited and tested
Annual penetration testing identifies vulnerabilities, and regular vulnerability scans track high-risk findings for remediation per documented timelines.
Data classification and handling
Sensitive data is classified and restricted to authorized personnel. Retention policies define holding periods, and customer data is anonymized or deleted after contract termination.
Compliant with industry standards
Secure by Design
Security is embedded across Build's product, infrastructure, and operations. Production access is governed by least-privilege controls and multi-factor authentication, data is encrypted in transit and at rest, and centralized log collection with intrusion detection monitors systems continuously.
Our security program is audited annually against SOC 2 Type II, with penetration testing and vulnerability scans driving ongoing remediation. Full details are available in our Trust Center.