Security and Compliance

Security isn’t just a feature–it’s a fundamental part of everything we do.


Security Features

At NetBox Labs, security isn’t just a feature–it’s a fundamental part of everything we do. Our ongoing commitment to security is reflected in every aspect of our operations. From how we host and manage our infrastructure, to the NetBox Cloud application, through to compliance, security is at the forefront of our decision-making processes.

Take a quick look at how we do it in the following sections.

NetBox Labs Platform

NetBox Cloud is securely hosted in the cloud as a single tenant application, and customers are able to choose their desired Isolation level, high availability and scale options.

Need to meet data sovereignty requirements? Choose to host your NetBox Cloud services and data (including backups) in the US, Europe, or optionally in custom locations to meet specific needs.

NetBox Cloud offers cloud connectivity options to give you full control over how your data is accessed.

Need to deploy NetBox in your own environment? NetBox Enterprise supports the most stringent and secure use cases.

NetBox Cloud Application

Cloud Firewall

IP Allow Lists

Easily secure access to your NetBox Cloud instance by adding IPv4 and IPv6 addresses and ranges to an IP Allow List.

This ensures that our Web UI and API will only accept connections from your authorized source IPs.


Mutual TLS provides advanced connection security for enterprise use cases by ensuring that all clients connecting to NetBox cloud present a valid security certificate before establishing an encrypted connection.

Combine with IP Allow Lists for ultimate connection security.

Dedicated IP Address

Utilize a dedicated IP address for accessing the User Interface (UI) and Application Programming Interface (API) to bolster security and ensure protected connectivity.

Automated Backups

Enjoy peace of mind knowing that your NetBox Cloud database is backed up, and you have the flexibility to choose your desired backup frequency. Backups are stored with a separate cloud storage provider, in the same region as your NetBox Cloud deployment, as well as being encrypted at rest and in transit.

You can also easily create backups on demand, and download backups for archiving and testing purposes, all via the NetBox Labs Console.

Two-Factor Authentication

Two-Factor authentication for the NetBox Labs Console enhances security even further by adding an extra layer of protection beyond just a password, making it significantly more challenging for unauthorized users to gain access. You can enable it with a couple of clicks.

Single Sign-On (SSO)

NetBox Cloud comes with common SSO integrations (Azure, Okta, Google). Optional advanced SSO integrations are available, and we are happy to discuss custom requirements.

See our documentation for step-by-step guides on how to configure common SSO integrations.


NetBox Labs is fully SOC 2 Type II compliant and this reflects our unwavering dedication to serving our customers and community with the highest levels of security and reliability. Our SOC 2 Type II Report is just one of the many ways we demonstrate our commitment to maintaining the highest security standards. 

Feel free to contact us if you have any questions or require additional information about our security practices.

Security Controls

NetBox Labs adheres to a range of controls to apply “security in layers” across our team and technology.

Data security
  • Customer production data is segmented and only accessible to authorized customers
  • All production data is stored encrypted at rest
  • All public facing internet traffic is encrypted in transit
  • Automated backups of all customer and system data are performed
Infrastructure security
  • Systems that handle confidential information, accept network connections, or make access control decisions retain audit logs
  • Penetration tests are performed annually
  • SSO and MFA are required for employee access to production environment
  • All vulnerability findings are tracked to resolution in accordance with SLAs
Application security
  • Secure programming standards are followed
  • Code changes are reviewed by individuals other than the originating code author
  • All changes to production environments follow change control procedures
  • Automated vulnerability scanning is employed
Incident response
  • Incidents reported to are responded to promptly
  • Processes surrounding security incident response are periodically reviewed for effectiveness
Business practices
  • Background and reference checks are carried out for all new employees 
  • Employees must periodically complete security awareness training
  • All vendors and contractors are inventoried and reviewed for risk