Trust Center
Webflow empowers teams to build and host securely - with trust at the core.
Webflow is independently audited for SOC 2 Type II and certified ISO 27001 compliant, proving our commitment to protecting your data and your brand. Our security standards are continuously audited, refined, and embedded into everything we do.
Our commitment doesn’t stop at compliance, we continuously invest in strengthening our security posture, improving resilience, and evolving our practices to stay ahead of emerging threats.
Okta
Verifone
Equals Money
Stripe
HealthStream
Procter & GambleDocuments
Supply Chain Vulnerability Announcements
We’re aware of the recent security advisory regarding the Axios project (https://www.npmjs.com/package/axios - versions 1.14.1 and 0.30.4). At this time, we have no evidence to suggest any impact to customer data, accounts, or Webflow services and no indication that sensitive codebases were exposed.
Out of an abundance of caution, we’ve implemented additional security controls and are conducting a thorough review of relevant systems. If anything changes, we’ll share updates.
Thanks,
Webflow Security
General Announcements
We’re excited to share our updated Security page:
👉 https://webflow.com/security
This page provides a comprehensive overview of how Webflow protects customer data and maintains a secure, reliable platform. It outlines our security practices across infrastructure, monitoring, vulnerability management, incident response, compliance, and more.
We’re committed to transparency and continuously strengthening our security posture. Visit the page to learn more about how we safeguard your data.
- Does Webflow allow customers to perform penetration testing and vulnerability scan?
- Is Webflow PCI Compliant?
- Is Webflow HIPAA Compliant?