Security | Zulip
<!DOCTYPE html> <html lang='en' > <head> <meta charset="UTF-8" /> <title>Security | Zulip</title> <link id="favicon" rel="icon" href="https://static.zulipchat.com/static/images/favicon.svg?v=4" /> <link rel="alternate icon" href="https://static.zulipchat.com/static/images/favicon.png?v=4" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <!-- Google / search engine tags --> <meta name="robots" content="noindex,nofollow" /> <!-- Open Graph / Facebook / Twitter meta tags --> <meta property="og:url" content="https://kvrocks.zulipchat.com/security/" /> <meta property="og:type" content="website" /> <meta property="og:site_name" content="Zulip" /> <meta property="og:title" content="Security | Zulip" /> <meta property="og:description" content="Making sure your information stays protected is our highest priority. Learn how Zulip’s security strategy covers all aspects of our product and business." /> <meta property="og:image" content="https://avatars.zulip.com/67956/realm/icon.png?version=2" /> <meta name="twitter:card" content="summary" /> <script id="sentry-params" type="text/json">{"dsn":"https://26bb474451d946d6892d649ac54c3182@o48127.ingest.sentry.io/4504556882821120","environment":"production","realm_key":"kvrocks","sample_rate":1.0,"server_version":"10.0-beta2-336-g1e3bf33d44","trace_rate":0}</script> <script src="https://static.zulipchat.com/static/webpack-bundles/2449.944de03eb5e5da034cd6.js" defer crossorigin="anonymous" ></script> <link href="https://static.zulipchat.com/static/webpack-bundles/2037.f2f30a92cfcd4ad3856e.css" rel="stylesheet" /> <script src="https://static.zulipchat.com/static/webpack-bundles/2037.b43fc5e8afcd5cefa42e.js" defer crossorigin="anonymous" ></script> <script src="https://static.zulipchat.com/static/webpack-bundles/5059.e28c17251151ed77f1a6.js" defer crossorigin="anonymous" ></script> <script src="https://static.zulipchat.com/static/webpack-bundles/3355.bae18f829f5940205f32.js" defer crossorigin="anonymous" 
></script> <script src="https://static.zulipchat.com/static/webpack-bundles/2655.24821712b3fb786d39cf.js" defer crossorigin="anonymous" ></script> <script src="https://static.zulipchat.com/static/webpack-bundles/6627.24b09bbbcf4bcf66b045.js" defer crossorigin="anonymous" ></script> <link href="https://static.zulipchat.com/static/webpack-bundles/4355.dc92187fb75198a481ed.css" rel="stylesheet" /> <script src="https://static.zulipchat.com/static/webpack-bundles/5683.0d854b8b227fd89e63ac.js" defer crossorigin="anonymous" ></script> <link href="https://static.zulipchat.com/static/webpack-bundles/4904.6ec91743d1bd1a47c5f5.css" rel="stylesheet" /> <link href="https://static.zulipchat.com/static/webpack-bundles/2621.095662340ad864434b95.css" rel="stylesheet" /> <script src="https://static.zulipchat.com/static/webpack-bundles/7863.8acc6fb297a8994cb735.js" defer crossorigin="anonymous" ></script> <script src="https://static.zulipchat.com/static/webpack-bundles/5693.62c023ee96922b3b2dc1.js" defer crossorigin="anonymous" ></script> <link href="https://static.zulipchat.com/static/webpack-bundles/3350.569c9a160e061d1a309d.css" rel="stylesheet" /> <script src="https://static.zulipchat.com/static/webpack-bundles/5148.6b70bdd384016bfe06b4.js" defer crossorigin="anonymous" ></script> <script src="https://static.zulipchat.com/static/webpack-bundles/landing-page.44cd29d09302f85b8044.js" defer crossorigin="anonymous" ></script> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> </head> <body> <div class="portico-container" data-platform="Mozilla"> <div class="portico-wrap"> <div class="header portico-header"> <div class="header-main" id="top_navbar"> <div class="float-left"> <div class="brand logo"> <a href="https://zulipchat.com/"> <svg class="brand-logo" role="img" aria-label="Zulip" xmlns="http://www.w3.org/2000/svg" viewBox="68.96 55.62 1742.12 450.43" height="25"> <path fill="hsl(0, 0%, 27%)" d="M473.09 122.97c0 22.69-10.19 42.85-25.72 55.08L296.61 
312.69c-2.8 2.4-6.44-1.47-4.42-4.7l55.3-110.72c1.55-3.1-.46-6.91-3.64-6.91H129.36c-33.22 0-60.4-30.32-60.4-67.37 0-37.06 27.18-67.37 60.4-67.37h283.33c33.22-.02 60.4 30.3 60.4 67.35zM129.36 506.05h283.33c33.22 0 60.4-30.32 60.4-67.37 0-37.06-27.18-67.37-60.4-67.37H198.2c-3.18 0-5.19-3.81-3.64-6.91l55.3-110.72c2.02-3.23-1.62-7.1-4.42-4.7L94.68 383.6c-15.53 12.22-25.72 32.39-25.72 55.08 0 37.05 27.18 67.37 60.4 67.37zm522.5-124.15l124.78-179.6v-1.56H663.52v-48.98h190.09v34.21L731.55 363.24v1.56h124.01v48.98h-203.7V381.9zm338.98-230.14V302.6c0 45.09 17.1 68.03 47.43 68.03 31.1 0 48.2-21.77 48.2-68.03V151.76h59.09V298.7c0 80.86-40.82 119.34-109.24 119.34-66.09 0-104.96-36.54-104.96-120.12V151.76h59.48zm244.91 0h59.48v212.25h104.18v49.76h-163.66V151.76zm297 0v262.01h-59.48V151.76h59.48zm90.18 3.5c18.27-3.11 43.93-5.44 80.08-5.44 36.54 0 62.59 7 80.08 20.99 16.72 13.22 27.99 34.99 27.99 60.64 0 25.66-8.55 47.43-24.1 62.2-20.21 19.05-50.15 27.6-85.13 27.6-7.77 0-14.77-.39-20.21-1.17v93.69h-58.7V155.26zm58.7 118.96c5.05 1.17 11.27 1.55 19.83 1.55 31.49 0 50.92-15.94 50.92-42.76 0-24.1-16.72-38.49-46.26-38.49-12.05 0-20.21 1.17-24.49 2.33v77.37z"/> </svg> </a> </div> </div> <div class="float-right top-links"> <a href="/login/">Log in</a> <a href="/register/">Sign up</a> </div> </div> </div> <div class="app portico-page "> <div class="app-main portico-page-container"> <!-- We have separate copies of the navbar list for web and mobile. Please update both the versions when making changes. 
--> <nav class="top-menu"> <div class="top-menu-container"> <a class="top-menu-logo nav-zulip-logo" href="https://zulip.com" tabindex="1"></a> <div class='top-menu-items-group-1'> <div class='top-menu-item top-menu-tab'> <div class="top-menu-tab-unselect"></div> <input type="radio" name="top-menu-tabs" class="top-menu-tab-input" id="top-menu-tab-product" /> <label for="top-menu-tab-product" class="nav-menu-label" tabindex="0">Product</label> <div class="top-menu-submenu"> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">OVERVIEW</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://blog.zulip.com/2024/11/04/choosing-a-team-chat-app/">Choosing a team chat app</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/why-zulip/">Why Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/try-zulip/">Try Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/help/moving-to-zulip">Moving to Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/self-hosting/">Self-hosting</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/security/">Security</a></li> </ul> </div> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">FEATURES</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/features/">Feature matrix</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/apps/">Desktop and mobile apps</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/integrations/">Integrations</a></li> <li class="top-menu-submenu-list-item"><a href="/api/">API</a></li> <li class="top-menu-submenu-list-item"><a href="/help/">Help center</a></li> </ul> </div> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">USE CASES</span> <ul class="top-menu-submenu-list"> <li 
class="top-menu-submenu-list-item"><a href="https://zulip.com/for/business/">Business</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/education/">Education</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/research/">Research</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/events/">Events and conferences</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/open-source/">Open source projects</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/communities/">Communities</a></li> </ul> </div> </div> </div> <div class='top-menu-item top-menu-tab'> <div class="top-menu-tab-unselect"></div> <input type="radio" name="top-menu-tabs" class="top-menu-tab-input" id="top-menu-tab-case-studies"/> <label for="top-menu-tab-case-studies" class="nav-menu-label" tabindex="0">Case studies</label> <div class="top-menu-submenu" id="case-studies-submenu"> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">BUSINESS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/idrift/"> Efficient distributed team management at iDrift AS </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/gut-contact/"> Easy communication for 1000 agents at GUT contact </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/end-point/"> Managing hundreds of projects at End Point Dev </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/semsee/"> More efficient communication than Slack at Semsee </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/atolio/"> Open distributed communication at Atolio </a> </li> </ul> </div> <div class="top-menu-submenu-column" id="education-and-research-submenu-column"> <span 
class="top-menu-submenu-section">EDUCATION and RESEARCH</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/tum/">Organized chat for 1000s of students at TUM</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/ucsd/">Communication hub across 6 continents at UCSD</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/lean/">Research collaboration at scale in the Lean mathematical community</a></li> </ul> </div> <div class="top-menu-submenu-column" id="one-source-and-communities-submenu-column"> <span class="top-menu-submenu-section">OPEN SOURCE and COMMUNITIES</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/asciidoctor/">Inclusive discussion in the open-source Asciidoctor community</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/rust/">Faster decision-making in the Rust language community</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/recurse-center/">Platform for a worldwide community since 2013 at Recurse Center</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/rush-stack/">Professional community support at Rush Stack</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/communities/">Open communities directory</a></li> </ul> </div> </div> </div> <div class='top-menu-item top-menu-tab'> <div class="top-menu-tab-unselect"></div> <input type="radio" name="top-menu-tabs" class="top-menu-tab-input" id="top-menu-tab-resources" /> <label for="top-menu-tab-resources" class="nav-menu-label" tabindex="0">Resources</label> <div class="top-menu-submenu"> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">FOR USERS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a 
href="/help/getting-started-with-zulip">Getting started</a></li> <li class="top-menu-submenu-list-item"><a href="/help/">Help center</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/development-community/" target="_blank" rel="noopener noreferrer">Community chat</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/help/contact-support">Contact support</a></li> </ul> </div> <div class="top-menu-submenu-column"> <span class="top-menu-submenu-section">FOR ADMINISTRATORS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="/help/moving-to-zulip">Moving to Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.readthedocs.io/en/stable/production/install.html">Installing a Zulip server</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.readthedocs.io/en/stable/production/upgrade.html">Upgrading a Zulip server</a></li> <li class="top-menu-submenu-list-item"><a href="https://github.com/zulip/zulip" target="_blank" rel="noopener noreferrer">GitHub</a></li> </ul> </div> </div> </div> <a class='top-menu-item' href="https://zulip.com/plans/">Pricing</a> <a class='top-menu-item' href="https://zulip.com/apps/">Download</a> </div> <div class='top-menu-item-spacer'></div> <div class='top-menu-items-group-2'> <a class='top-menu-item' href="/new/">New organization</a> <a class='top-menu-item' href="/login/">Log in</a> <a class='top-menu-item' href="/register/">Sign up</a> </div> </div> <input type="radio" name="top-menu-tabs" class="top-menu-tab-input-unselect" id="top-menu-tab-close" checked /> <div id='top-menu-submenu-backdrop' class="top-menu-submenu-backdrop"></div> <label class="top-menu-tab-label-unselect nav-menu-label" for="top-menu-tab-close" tabindex="0"></label> </nav> <!-- We have separate copies of the navbar list for web and mobile. Please update both the versions when making changes. 
--> <details class="top-menu-mobile"> <summary class="top-menu-mobile-summary"> <a class="top-menu-logo nav-zulip-logo" href="https://zulip.com"></a> </summary> <div class="top-menu-mobile-items-group-1"> <details> <summary class="top-menu-mobile-item-summary">Product</summary> <div class="top-menu-mobile-submenu"> <span class="top-menu-mobile-submenu-section">OVERVIEW</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://blog.zulip.com/2024/11/04/choosing-a-team-chat-app/">Choosing a team chat app</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/why-zulip/">Why Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/try-zulip/">Try Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/help/moving-to-zulip">Moving to Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/self-hosting/">Self-hosting</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/security/">Security</a></li> </ul> </div> <div class="top-menu-mobile-submenu"> <span class="top-menu-mobile-submenu-section">FEATURES</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/features/">Feature matrix</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/apps/">Desktop and mobile apps</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/integrations/">Integrations</a></li> <li class="top-menu-submenu-list-item"><a href="/api/">API</a></li> <li class="top-menu-submenu-list-item"><a href="/help/">Help center</a></li> </ul> </div> <div class="top-menu-mobile-submenu"> <span class="top-menu-mobile-submenu-section">USE CASES</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/business/">Business</a></li> <li class="top-menu-submenu-list-item"><a 
href="https://zulip.com/for/education/">Education</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/research/">Research</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/events/">Events and conferences</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/open-source/">Open source projects</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/for/communities/">Communities</a></li> </ul> </div> </details> <details> <summary class="top-menu-mobile-item-summary">Case Studies</summary> <div class="top-menu-mobile-submenu"> <span class="top-menu-mobile-submenu-section">BUSINESS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/idrift/"> Efficient distributed team management at iDrift AS </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/gut-contact/"> Easy communication for 1000 agents at GUT contact </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/end-point/"> Managing hundreds of projects at End Point Dev </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/semsee/"> More efficient communication than Slack at Semsee </a> </li> <li class="top-menu-submenu-list-item"> <a href="https://zulip.com/case-studies/atolio/"> Open distributed communication at Atolio </a> </li> </ul> <span class="top-menu-mobile-submenu-section">EDUCATION and RESEARCH</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/tum/">Organized chat for 1000s of students at TUM</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/ucsd/">Communication hub across 6 continents at UCSD</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/lean/">Research collaboration at scale in the 
Lean mathematical community</a></li> </ul> <span class="top-menu-mobile-submenu-section">OPEN SOURCE and COMMUNITIES</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/asciidoctor/">Inclusive discussion in the open-source Asciidoctor community</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/rust/">Faster decision-making in the Rust language community</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/case-studies/recurse-center/">Platform for a worldwide community since 2013 at Recurse Center</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/communities/">Open communities directory</a></li> </ul> </div> </details> <details> <summary class="top-menu-mobile-item-summary">Resources</summary> <div class="top-menu-mobile-submenu"> <span class="top-menu-mobile-submenu-section">FOR USERS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="/help/getting-started-with-zulip">Getting started</a></li> <li class="top-menu-submenu-list-item"><a href="/help">Help center</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/development-community/" target="_blank" rel="noopener noreferrer">Community chat</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.com/help/contact-support">Contact support</a></li> </ul> <span class="top-menu-mobile-submenu-section">FOR ADMINISTRATORS</span> <ul class="top-menu-submenu-list"> <li class="top-menu-submenu-list-item"><a href="/help/moving-to-zulip">Moving to Zulip</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.readthedocs.io/en/stable/production/install.html">Installing a Zulip server</a></li> <li class="top-menu-submenu-list-item"><a href="https://zulip.readthedocs.io/en/stable/production/upgrade.html">Upgrading a Zulip server</a></li> <li class="top-menu-submenu-list-item"><a 
href="https://github.com/zulip/zulip" target="_blank" rel="noopener noreferrer">GitHub</a></li> </ul> </div> </details> <div class='top-menu-mobile-item'><a href="https://zulip.com/plans/">Pricing</a></div> <div class='top-menu-mobile-item'><a href="https://zulip.com/apps/">Download</a></div> </div> <div class="top-menu-mobile-items-group-2"> <div class='top-menu-mobile-item'><a href="/new/">New organization</a></div> <div class='top-menu-mobile-item'><a href="/login/">Log in</a></div> <div class='top-menu-mobile-item'><a href="/register/">Sign up</a></div> </div> </details> <div class="portico-landing why-page"> <div class="hero bg-pycon security"> <div class="bg-dimmer"></div> <div class="content"> <h1 class="center">Zulip security</h1> <p></p> </div> </div> <div class="main"> <div class="padded-content"> <div class="inner-content markdown"> <p>Zulip’s security strategy covers all aspects of our product and business. Making sure your information stays protected is our highest priority.</p> <h2 id="security-basics">Security basics</h2> <ul> <li>All Zulip clients (web, mobile, desktop, terminal, and integrations) require TLS encryption and authentication over HTTPS for all data transmission between clients and the server, both on LAN and the Internet.</li> <li>All Zulip Cloud customer data is encrypted at rest. Self-hosted Zulip can be configured for encryption at rest via your hosting provider, or by setting up hardware and software disk encryption of the database and other data storage media.</li> <li>Zulip’s on-premise offerings can be hosted entirely behind your firewall, or even on an air-gapped network (disconnected from the Internet).</li> <li>Every authenticated Zulip API endpoint has built-in rate limiting to prevent DoS attacks.</li> <li>Connections from the Zulip servers to Active Directory/LDAP can be secured with TLS. 
If Zulip is <a href="https://zulip.readthedocs.io/en/latest/production/deployment.html">deployed on multiple servers</a>, all connections between parts of the Zulip infrastructure can be secured with TLS or SSH.</li> <li>Message content can be <a href="https://zulip.readthedocs.io/en/latest/production/mobile-push-notifications.html#security-and-privacy">excluded from mobile push notifications</a>, to avoid displaying message content on locked mobile screens, and to meet strict compliance requirements such as the USA’s HIPAA standards.</li> <li>Zulip operates a HackerOne disclosure program to reward hackers for finding and responsibly reporting security vulnerabilities in Zulip. Our <a href="https://github.com/zulip/zulip">completely open source codebase</a> means that HackerOne’s white-hat hackers can audit Zulip for potential security issues with full access to the source code.</li> </ul> <h2 id="configurable-access-control-policies">Configurable access control policies</h2> <ul> <li>Zulip supports <a href="/help/direct-messages">direct messages</a> (to one or more individuals), <a href="/help/channel-permissions#private-channels">private channels</a> with any number of subscribers, as well as <a href="/help/channel-permissions#public-channels">public channels</a> available to all organization members. 
We also support <a href="/help/guest-users">guest accounts</a>, which only have access to a fixed set of channels, and <a href="/help/channel-posting-policy">announcement channels</a>, where only organization owners and administrators can post.</li> <li>By default, users can maintain their own names and email addresses, but Zulip also supports <a href="/help/restrict-name-and-email-changes">restricting changes</a> and synchronizing these data from another database (such as <a href="https://zulip.readthedocs.io/en/latest/production/authentication-methods.html#ldap-including-active-directory">LDAP/Active Directory</a>).</li> <li>Zulip provides many options for <a href="/help/invite-new-users">managing who can join the organization</a>, supporting everything from open to the public (e.g., for open source projects), to requiring an invitation to join, to requiring an email address from a list of domains, to requiring membership in a specific organization in LDAP/Active Directory.</li> <li>Zulip can limit the features that new users have access to until their accounts are older than a <a href="/help/restrict-permissions-of-new-members">configurable waiting period</a>.</li> <li>Zulip also supports customizing whether non-admins can <a href="/help/configure-who-can-create-channels">create channels</a>, <a href="/help/configure-who-can-invite-to-channels">subscribe other users to channels</a>, <a href="/help/custom-emoji#change-who-can-add-custom-emoji">add custom emoji</a>, <a href="/help/restrict-bot-creation">add integrations and bots</a>, <a href="/help/restrict-message-editing-and-deletion">edit or delete messages</a>, and more.</li> </ul> <h2 id="authentication">Authentication</h2> <ul> <li>Zulip supports integrated single sign-on with Google, GitHub, SAML (including Okta), Entra ID (AzureAD), and Active Directory/LDAP. 
With Zulip on-premise, we can support any of the 100+ authentication tools supported by <a href="https://python-social-auth.readthedocs.io/en/latest/backends/index.html#social-backends">python-social-auth</a> as well as <a href="https://zulip.readthedocs.io/en/latest/production/authentication-methods.html#apache-based-sso-with-remote-user">any SSO service that has a plugin for Apache</a>.</li> <li>Zulip uses the zxcvbn password strength checker by default, and supports customizing users’ password strength requirements. See our documentation on <a href="https://zulip.readthedocs.io/en/latest/production/security-model.html#passwords">password strength</a> for more detail.</li> <li>Users can rotate their accounts’ credentials, blocking further access from any compromised Zulip credentials. With Zulip on-premise, server administrators can additionally revoke and reset any user’s credentials.</li> <li>Owners can deactivate any <a href="/help/deactivate-or-reactivate-a-user">user</a>, <a href="/help/deactivate-or-reactivate-a-bot">bot, or integration</a>. Administrators can also deactivate any <a href="/help/deactivate-or-reactivate-a-user">user</a>, <a href="/help/deactivate-or-reactivate-a-bot">bot, or integration</a> except owners.</li> <li>With Zulip on-premise, <a href="https://github.com/zulip/zulip/search?q=SESSION_COOKIE_AGE&type=code">session length</a> and <a href="https://github.com/zulip/zulip/search?q=SESSION_EXPIRE_AT_BROWSER_CLOSE&type=code">idle timeouts</a> can be configured to match your organization’s security policies.</li> </ul> <h2 id="integrity-and-auditing">Integrity and auditing</h2> <ul> <li>Zulip owners and administrators can restrict users’ <a href="/help/restrict-message-editing-and-deletion">ability to edit or delete messages</a>, and whether deleted messages are retained in the database or deleted permanently. 
Zulip by default stores the complete history of all message content on the platform, including edits and deletions, and all uploaded files.</li> <li>Zulip’s server logging has configurable log rotation policies and can be used for an end-to-end history of system usage.</li> <li>Zulip stores in its database a permanent long-term audit log containing the history of important actions (e.g., changes to passwords, email addresses, and channel subscriptions).</li> <li>Zulip’s powerful data exports (<a href="https://zulip.readthedocs.io/en/latest/production/export-and-import.html">on-premise</a>, <a href="/help/export-your-organization">cloud</a>) can be imported into third-party tools for legal discovery and other compliance purposes. Zulip’s enterprise offerings include support for integrating these with your compliance tools.</li> <li>Zulip supports GDPR and HIPAA compliance.</li> </ul> <h2 id="the-little-things">The little things</h2> <p>Many products talk about having great security and privacy practices, but fall short in actually protecting their users due to buggy code or poor operational practices.</p> <p>Our focus on security goes beyond a feature checklist: it’s a point of pride. Zulip founder Tim Abbott was previously the CTO of Ksplice, which provided rebootless Linux kernel security updates for over 100,000 production servers (now the flagship feature of <a href="https://www.oracle.com/linux/">Oracle Linux</a>).</p> <p>Here are some security practices we’re proud of, all of which are unusual in the industry:</p> <ul> <li>The Zulip server’s automated test suite has over 98% test coverage, including 100% of Zulip’s API layer (responsible for parsing user input). 
It is difficult to find any full-stack web application with as complete a set of automated tests as Zulip.</li> <li>Zulip’s Python codebase is written entirely in <a href="https://blog.zulip.org/2016/10/13/static-types-in-python-oh-mypy/">statically typed Python 3</a>, which automatically prevents a wide range of possible bugs.</li> <li>All access to user data (messages, channels, uploaded files, etc.) in the Zulip backend is through carefully-audited core libraries that validate that the user who is making the request has access to that data.</li> <li>Only a small handful of people have access to production servers or to sensitive customer data.</li> <li>Our error handling systems have been designed from the beginning to avoid including user message content in error reports, even in cases where this makes debugging quite difficult (e.g., bugs in the message rendering codebase).</li> <li>Zulip has a carefully designed API surface area of only about 100 API endpoints. For comparison, products of similar scope typically have hundreds or even thousands of endpoints. Every new API endpoint is personally reviewed for security and necessity by the system architect Tim Abbott.</li> </ul> <p>These security practices matter! 
Slack, the most popular SaaS team chat provider, has needed to award <a href="https://hackerone.com/slack">hundreds of bounties</a> for security bugs found by security researchers outside the company.</p> <h2 id="further-reading">Further reading</h2> <ul> <li>Detailed <a href="https://zulip.readthedocs.io/en/latest/production/security-model.html">security model documentation</a></li> </ul> </div> </div> </div> </div> </div> </div> </div> <div class="alert-box"></div> <footer id="footer"> <div class='footer__container'> <div class="footer__section"> <h3 class="footer__section-title"> Product </h3> <ul> <li><a href="/why-zulip/">Why Zulip</a></li> <li><a href="/features/">Features</a></li> <li><a href="/plans/">Plans & pricing</a></li> <li><a href="/self-hosting/">Self-hosting</a></li> <li><a href="/security/">Security</a></li> <li><a href="/integrations/">Integrations</a></li> <li class="extra_margin"><a href="/apps/">Desktop & mobile apps</a></li> <li><a href="/new/">New organization</a></li> <li><a href="/accounts/go/">Log in</a></li> <li><a href="/accounts/find/">Find accounts</a></li> </ul> </div> <div class="footer__section"> <h3 class="footer__section-title"> Solutions </h3> <ul> <li><a href="/for/business/">Business</a></li> <li><a href="/for/education/">Education</a></li> <li><a href="/for/research/">Research</a></li> <li><a href="/for/events/">Events & conferences</a></li> <li><a href="/for/open-source/">Open source projects</a></li> <li class="extra_margin"><a href="/for/communities/">Communities</a></li> <li><a href="/use-cases/">Customer stories</a></li> <li><a href="/communities/">Open communities</a></li> </ul> </div> <div class="footer__section"> <h3 class="footer__section-title"> Resources </h3> <ul> <li><a href="/help/getting-started-with-zulip">Getting started</a></li> <li><a href="/help/">Help center</a></li> <li><a href="/development-community/" target="_blank">Community chat</a></li> <li><a href="/help/contact-support">Contact support</a></li> 
<li><a href="/request-demo/">Get a demo</a></li> <li class="extra_margin"><a href="https://status.zulip.com/">Zulip Cloud status</a></li> <li> <a href="/help/moving-to-zulip"> Moving to Zulip </a> </li> <li> <a href="https://zulip.readthedocs.io/en/stable/production/install.html"> Installing a Zulip server </a> </li> <li> <a href="https://zulip.readthedocs.io/en/stable/production/upgrade.html"> Upgrading a Zulip server </a> </li> </ul> </div> <div class="footer__section"> <h3 class="footer__section-title"> Contributing </h3> <ul> <li> <a href="https://zulip.readthedocs.io/en/latest/contributing/contributing.html"> Contributing guide </a> </li> <li><a href="/development-community/">Development community</a></li> <li> <a href="https://zulip.readthedocs.io/en/latest/translating/translating.html"> Translation </a> </li> <li><a href="/api/">API</a></li> <li><a href="https://github.com/zulip/zulip/">GitHub</a></li> </ul> </div> <div class="footer__section"> <h3 class="footer__section-title"> About us </h3> <ul> <li> <a href="/team/">Team</a> & <a href="/history/">History</a> </li> <li><a href="/values/">Values</a></li> <li><a href="/jobs/">Jobs</a></li> <li><a href="https://blog.zulip.com/" target="_blank">Blog</a></li> <li><a href="https://zulip.com/help/support-zulip-project">Support Zulip</a></li> </ul> <div class="footer-social-links"> <a class="footer-social-icon footer-social-icon-x" title="X (Twitter)" href="https://twitter.com/zulip" target="_blank" rel="noopener noreferrer"></a> <a class="footer-social-icon footer-social-icon-mastodon" title="Mastodon" href="https://fosstodon.org/@zulip" target="_blank" rel="noopener noreferrer"></a> <a class="footer-social-icon footer-social-icon-linkedin" title="LinkedIn" href="https://www.linkedin.com/company/zulip-by-kandra-labs/" target="_blank" rel="noopener noreferrer"></a> </div> </div> </div> <div class="footer__legal "> <div class="footer__legal-container"> <div class="copyright">© Kandra Labs, Inc. 
(“Zulip”)</div> <div class="footer__legal-spacer"></div> <a href="https://zulipchat.com/policies/terms">Terms of Service</a> <a href="https://zulipchat.com/policies/privacy">Privacy policy</a> <a href="https://zulip.com/attribution/">Website attributions</a> </div> </div> </footer> </div> <div hidden id="page-params" data-params='{"page_type":"default","development_environment":false,"request_language":"en","google_analytics_id":"UA-79921909-3"}'></div> </body> </html>