Security, without all the friction

Trusted with serving billions of secrets to thousands of companies every month. A passion for security is deep within our DNA.

Security, productized

From strong default options to granular access controls, Doppler helps your team stay protected while offering flexibility around your workflow.

Compliance

SOC 2

Doppler is SOC 2 certified, ensuring your API keys, credentials, and secrets are stored with industry-leading security standards. Compliance made easy, so you can focus on building, not maintaining.

ISO 27001 Readiness

We’re actively undergoing ISO 27001 certification to align with the highest security standards, strengthening secrets management, access controls, and compliance for your team’s peace of mind.

30B+ secrets read every month

Enterprise key management

We work alongside you to secure your data. Leveraging your existing AWS or GCP infrastructure, we encrypt your data with an additional key you control. This layered approach ensures transparency in data access while maintaining the highest security standards.

Secure storage

Doppler encrypts and tokenizes all customer secrets. Encryption via AES-256-GCM ensures that only authorized parties can access your secrets, while tokenization ensures our internet-exposed infrastructure never has access to encryption keys or ciphertext. All encryption operations happen on separate infrastructure that is not exposed to the public internet.

Defense in depth

Doppler's engineers and dedicated security team work together to design and threat model all systems and infrastructure. We rigorously review all code changes, write abstractions to minimize mistakes, harden all deployment infrastructure, and maintain strict corporate security policies. We also run a public Bug Bounty program and undergo white-box penetration testing by top firms at least annually.

DDoS mitigation

Doppler monitors for and blocks anomalous traffic patterns and spikes to ensure your organization's secrets are always available when you need them.