Skip to content

Security that
scales with you.

Vercel strives to maintain and provide a secure Frontend Cloud experience.

Our Shared Responsibility Model conveys the importance of our partnership with our customers.

Certificate of ISO 27001
ISO 27001
Certificate of SOC 2
Certificate of PCI DSS
Certificate of HIPAA
Certificate of GDPR
Certificate of DPF

Scalable application security and DDoS mitigation with Vercel Firewall.

The Vercel Firewall has you protected with multiple layers of DDoS protection.

Learn More

Global protection

Edge-localized protection.

L3/L4 protection at every edge location. Your site stays protected without adding latency.

  • L3/L4 DDoS Protection
  • Global L7 Firewall
  • Enterprise DDoS Support

DDoS mitigation

Automatic DDoS Mitigation for all plans.

With on-call teams responding to larger, distributed attacks.

Powerful Rules Engine

Custom rule management, for everybody.

Instantly create and enforce the rules unique to your business.

Vercel Security Checkpoint
To ensure a smooth and safe experience, we’re taking a few moments to verify your browser.

Attack Challenge Mode

Protect your site when under attack.

Prevent malicious traffic by showing a verification challenge for visitors.

NewVercel Web Application Firewall. Next-level security, seamlessly integrated.

Read the announcement


Maintain visibility into key metrics and production deployments, allowing you to monitor threats and requests in real-time.

Managed Rulesets


Activate Vercel’s managed rulesets to protect against top priority risks, including OWASP Top 10.

Framework-aware rules

Define rules based on your framework's routes rather than fiddling with regular expressions or prefixes.

Rate Limiting

In Beta

Control the frequency of requests made to your web applications and APIs.

Instant Rollback

Quickly revert to previous versions of firewall rules to ensure continuous protection without unintended outcomes.

Instant propagation

Uses the same propagation pipeline as our cache infra, so firewall changes can be seen across the globe in 300ms.

Extend your backend

Create a secure, isolated bridge from Vercel to your on-premise backend or Kubernetes services with Vercel Secure Compute.

Contact Sales

Dedicated environments

Private and dedicated access to build and runtime environments.

VPN and VPC peering

Secure runtime environments, without extra backend complexity.

Define your regions

Multiple availability zone redundancy by default.

Designed for high availability.

Every layer of Vercel’s infrastructure is designed for ultimate redundancy and resiliency, so your app stays online, even during the unexpected.
Automatic failover.

Traffic is routed to the nearest region in the face of incidents or network outages, for resilient protection against full regional downtimes.

The world map in polka dot style, some dots are highlighted in blue.
Multi-layered redundancy.

Static assets are automatically replicated and cached across the Vercel Edge Network, with Anycast routing to ensure the lowest latency.

Workspace Security.

Role-based Access Control

Assign roles to ensure that the right people have the right permissions to work on your projects.

Deployment Protection

Secure your Vercel project’s preview and production URLs. Fine-grained access control for deployments.

Audit Logs


Track and analyze your team members' activity. Accessed by team members with the owner role.

Directory Sync


Manage your organization’s memberships from third-party identity providers.

  • @acme/design

    Avatar for raunoAvatar for gennydeeAvatar for gln
  • @acme/eng

    Avatar for timerAvatar for jaredAvatar for cramforceAvatar for gkaragkiaourisAvatar for tomocchino
  • @acme/security

    Avatar for ty-sbanoAvatar for aaronbrownAvatar for kacee
  • @acme/marketing

    Avatar for greetahAvatar for m0rganeAvatar for lindsaygilson
  • Code Owners.

    Ensure the right people review the right code, with the right context.

  • Current Score



  • Major Issues

    Across 6 projects


  • Minor Issues

    Across 12 projects


  • Conformance.

    Catch issues before they become security vulnerabilities.

    Security in the Software Development Lifecycle.

    About our Code Checks

    Frequently asked questions.