Security dashboard plan features

Bubble includes a variety of security checks designed to help keep your app secure. The specific security features available to you depend on your current subscription plan.

This article outlines which security features are included in each plan. For a more in-depth explanation of each feature, refer to the detailed descriptions provided at the bottom of the article (or follow the links in the tables below).

Basic security checks

The security dashboard provides foundational security checks to safeguard your apps from common vulnerabilities. These checks, called “issues” in your dashboard, help identify essential risks and ensure a secure starting point. While the Starter plan includes only these basic checks, all other plans offer both basic and advanced security features for comprehensive protection.

Feature
Starter
Growth
Team
Enterprise

Missing privacy rules

Sensitive data exposed in workflows

Weak password policies

Unprotected test environments

Default username/password risks

Publicly accessible sensitive fields

Advanced security checks

Advanced security checks are designed to detect more complex vulnerabilities and potential threats to your app’s infrastructure. While the security dashboard can detect these issues regardless of your plan, detailed information is limited unless your plan includes advanced checks.

Feature
Starter
Growth
Team
Enterprise

Secure page protection

Database exposure risks

Compromised API tokens

Unauthorized collaborator access

Improperly secured map API keys

Exposed sensitive API parameters

Sensitive data in API URLs

Unprotected backend workflows

Temporary password exploits

Insecure API documentation (Swagger)

Publicly accessible file uploaders

Publicly accessible picture uploaders

Unrestricted iFrame embedding

Last updated

Was this helpful?