🔥 New: Full-Stack Next.js 15 Bootcamp — live cohort starts Jan 27. Grab your seat →
Security & Privacy

Security First.
By Design.

Learn It. Build It. Run It. We treat your code and data with the same rigor we expect from our engineers. RunIt is a platform where trust is engineered into every layer.

Contact Security Team Read Our Privacy Policy
Secure data center servers with indicator lights
Encryption

Your data is locked down.

We use the industry-standard AES-256 encryption for data at rest and TLS 1.3 for data in transit. No keys are ever shared with us.

🔒 At Rest

AES-256 Encryption

All user data, course assets, and infrastructure configurations are encrypted using AES-256 bit encryption. Keys are rotated quarterly.

🚦 In Transit

TLS 1.3 Only

We enforce TLS 1.3 for all connections. This ensures that data moving between your browser, our APIs, and the database is tamper-proof.

Infrastructure

Built on rock-solid foundations.

☁️ AWS

US-East Regions

We host on Amazon Web Services (AWS) in the US-East-1 and US-East-2 regions. Our infrastructure is distributed, redundant, and monitored 24/7.

📋 Compliance

SOC2 Type II

We are currently undergoing the audit for SOC2 Type II compliance. We are committed to transparency and best practices in security management.

Payments

Your credit card never touches our servers.

We use Stripe to handle all billing. This means we never see, store, or process raw card numbers. Stripe handles the heavy lifting with PCI-DSS Level 1 certification.

Team Controls

Granular admin for teams.

For teams and enterprise accounts, we offer robust access management to ensure the right people have the right access to the right projects.

🔐 SSO

SAML / SSO

Integrate RunIt directly with your corporate identity provider (Okta, Azure AD, etc.) for single sign-on and centralized user management.

🛡️ 2FA

Mandatory 2FA

Two-factor authentication is enabled by default for all team accounts to prevent unauthorized access to sensitive course environments.

📋 RBAC

Role-Based Access

Define roles like Admin, Instructor, or Student. Manage permissions per course or per team to limit exposure of sensitive course data.

Responsible Disclosure

Found a bug? Tell us.

We take security seriously. If you discover a potential vulnerability, please report it through our Responsible Disclosure Program rather than posting it publicly.

RunIt Security

Questions about our security posture?

Email Security Team Enterprise Plans