# Security dashboard plan features Bubble includes a variety of security checks designed to help keep your app secure. The specific security features available to you depend on your current subscription plan. This article outlines which security features are included in each plan. For a more in-depth explanation of each feature, refer to the detailed descriptions provided at the bottom of the article (or follow the links in the tables below). ## Basic security checks The security dashboard provides foundational security checks to safeguard your apps from common vulnerabilities. These checks, called “issues” in your dashboard, help identify essential risks and ensure a secure starting point. While the Starter plan includes only these basic checks, all other plans offer both basic and advanced security features for comprehensive protection. {% hint style="warning" %} Security checks marked with \* are not currently available for mobile apps. {% endhint %} | Feature | Starter | Growth | Team | Enterprise | | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | ------ | ---- | ---------- | | [Missing privacy rules](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#missing-privacy-rules) | ✅ | ✅ | ✅ | ✅ | | \* [Sensitive data exposed in workflows](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#sensitive-data-exposed-in-workflows) | ✅ | ✅ | ✅ | ✅ | | [Weak password policies](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#weak-password-policies) | ✅ | ✅ | ✅ | ✅ | | [Unprotected test environments](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#unprotected-test-environment) | ✅ | ✅ | ✅ | ✅ | | [Default username/password risks](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#default-username-password-risks) | ✅ | ✅ | ✅ | ✅ | | [Publicly accessible sensitive fields](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#publicly-accessible-sensitive-fields) | ✅ | ✅ | ✅ | ✅ | | [Unsafe API call configuration](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#unsafe-api-call-configuration) | ✅ | ✅ | ✅ | ✅ | | \* [Sensitive credentials or parameters exposed](https://manual.bubble.io/~/changes/1188/help-guides/security/security-tests/issue-details#sensitive-credentials-or-parameters-exposed) | ✅ | ✅ | ✅ | ✅ | ## Advanced security checks Advanced security checks are designed to detect more complex vulnerabilities and potential threats to your app’s infrastructure. While the security dashboard can detect these issues regardless of your plan, detailed information is limited unless your plan includes advanced checks.
FeatureStarterGrowthTeamEnterprise
* Secure page protection
Database exposure risks
* Compromised API tokens
Unauthorized collaborator access
Improperly secured map API keys
Sensitive data in API URLs
Unprotected backend workflows
* Temporary password exploits
Insecure API documentation (Swagger)
* Publicly accessible file uploaders
* Publicly accessible picture uploaders
Unrestricted iFrame embedding