HostEngine
Start free trial
Trust Center

Compliance you can read, security you can verify.

Our SOC 2 Type II report is one click away — no NDA. ISO 27001/27017/27018, PCI-DSS, HIPAA BAA and a four-year audit history below.

Download SOC 2 report View sub-processors
Certifications & frameworks

Eight live attestations, refreshed annually.

SOC 2 Type II

AICPA · Apr 2026

Security, availability, confidentiality

View report

ISO/IEC 27001

BSI · Mar 2026

Information security management system

View report

ISO/IEC 27017

BSI · Mar 2026

Cloud-specific security controls

View report

ISO/IEC 27018

BSI · Mar 2026

PII processing in public clouds

View report

PCI-DSS Level 1

Coalfire · Feb 2026

Cardholder data environment (infra)

View report

GDPR + DPA ready

EU framework · Apr 2026

Standard Contractual Clauses, DPA pre-signed

View report

HIPAA BAA

Self-attested · Apr 2026

Available on request for eligible plans

View report

CSA STAR Level 2

BSI · Mar 2026

Cloud Security Alliance

View report
Security pillars

How we run the platform.

Defence in depth

Network segmentation, host hardening, runtime detection. Every layer has its own signal.

Encryption everywhere

TLS 1.3 in transit, AES-256-GCM at rest. Customer-managed keys available on Premium tiers.

Least-privilege access

Time-bounded human access reviewed quarterly. Production read access is logged and reviewed.

Verifiable backups

Daily off-region backups for 30 days. Restoration drills run bi-monthly with an independent observer.

Audit history

Six audits in the last 18 months.

Independent third-party attestations are central to our trust posture. Reports are available under a one-click NDA-free portal for prospects and free for customers.

Period Audit Vendor Result Report
Q2 2026 External penetration test Atredis Partners 0 high · 1 medium · 6 low Download
Q1 2026 SOC 2 Type II annual audit A-LIGN Clean opinion Download
Q4 2025 ISO 27001 surveillance BSI Group 0 non-conformities Download
Q3 2025 PCI-DSS Level 1 attestation Coalfire Clean ROC Download
Q2 2025 External penetration test NCC Group 0 high · 2 medium · 4 low Download
Q1 2025 SOC 2 Type II annual audit A-LIGN Clean opinion Download
Responsible disclosure

Found a vulnerability?

Email security@hostengine.com or use our HackerOne program. We pay between $500 and $25,000 per validated report depending on severity, and acknowledge receipt within 24 hours.

PGP fingerprint: 4B2D E91A 7702 0F94 ABC1 3F69 4B2D E91A 7702 0F94
security@hostengine.com View HackerOne program
Ready when you are

Need something custom for your audit?

We respond to vendor-risk questionnaires within 48 hours. SIG, CAIQ, custom security questionnaires welcome.

Email compliance@hostengine.com Talk to a solutions engineer
  • No credit card to start
  • Free migration from any provider
  • 99.99% uptime SLA, in writing
Frankfurt · 3 nodes · healthy
38ms p99
# spin up a 4 vCPU / 8 GB cloud VPS in 55s
$ hostengine vps create --plan "performance-4x8" --region "fra1"
✓ provisioned vps_2x9k1q  (172.247.18.42)
✓ image debian-12 ready · ssh keys attached
✓ snapshot policy: hourly · backups: 30 days

$ hostengine domain attach "trading.acme.io" --ssl
✓ DNS verified · Let's Encrypt cert issued in 6.4s
55s
median provision
14
global regions
$200
welcome credit