Security & Compliance
Customers entrust us with their workloads, and therefore with their data. We take this trust extremely seriously, and employ a multifaceted approach to ensure security and isolation.
In addition to security being at the core of our infrastructure and software, we are also audited and pentested regularly to ensure nothing slips through the cracks.
SOC 2
As part of SOC 2 certification, our compliance is continuously monitored by external security experts. The findings of these audits and our SOC 2 certification can be viewed in our Trust Center.
Trust Center
To provide transparency into our security controls and certifications, anyone can request access to our Trust Center to view our SOC 2 report, controls, and list of sub-processors.
Audit logs
Changes made to your workspace, instances, and volumes produce audit logging entries which can be used for security and debugging purposes.
Audit entries are available in Namespace's UI and can be filtered for certain actions or actors.
Audit Log Forwarding (SIEM)
Namespace also supports pushing audit events to a customer provided SIEM (Security Information & Event Management) solution. This allows for centralized analysis, streamlined compliance, and real-time threat detection within your existing security tooling.
Audit Log Forwarding is available to Enterprise customers.
To set up Audit Log Forwarding with SIEM for your workspace, reach out via your dedicated support channel or email us at support@namespace.so.
Audit Log Types
Namespace audit logs include many different actions, including contextual data to understand exactly what happened. The most important actions and what data they contain are detailed below:
Audit Event Types
workspace.ownership.transfer
Ownership of a Workspace has been transferred to a different user
{
"tenant_id": "tenant_...",
"action": "workspace.ownership.transfer",
"target": {
"type": "user",
"user_id": "user_...",
"email": "quux@example.com"
},
"attributes": {
"previous_owner": {
"user_id": "user...",
"email": ...
}
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}workspace.membership.add
A user has been added to the workspace.
{
"tenant_id": "tenant_...",
"action": "workspace.membership.add",
"target": {
"type": "user",
"user_id": "user_...",
"email": "quux@example.com"
},
"attributes": {
"role": "READER"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}workspace.membership.update
The role of a workspace member was changed.
{
"tenant_id": "tenant_...",
"action": "workspace.membership.update",
"target": {
"type": "user",
"user_id": "user_...",
"email": "quux@example.com"
},
"attributes": {
"role": "ADMIN"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}workspace.membership.remove
A user has been removed from to the workspace.
{
"tenant_id": "tenant_...",
"action": "workspace.membership.remove",
"target": {
"type": "user",
"user_id": "user_...",
"email": "quux@example.com"
},
"attributes": {
"role": "READER"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}workspace.update
The Workspace configuration was updated.
{
"tenant_id": "tenant_...",
"action": "workspace.update",
"attributes": {
"name": "New Workspace Name"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}workspace.token.emit
An authorization token has been emitted for the workspace, e.g. a user signed in.
{
"tenant_id": "tenant_...",
"action": "workspace.token.emit",
"attributes": {
"duration": "600s"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}instance.ssh
An SSH session was initiated with a workspace instance.
{
"tenant_id": "tenant_...",
"action": "instance.ssh",
"target": {
"type": "instance",
"instance_id": ...
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}volume.release
Emitted when a volume is released by an actor, e.g. by pressing [Release] in the Web application.
{
"tenant_id": "tenant_...",
"action": "volume.release",
"attributes": {
"tag": "my-volume"
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}federation.github.associate
Namespace's GitHub application has been associated with the workspace.
{
"tenant_id": "tenant_...",
"action": "federation.github.associate",
"target": {
"type": "github_installation",
"github_installation_id": 1234...
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "user",
"user_id": "user_...",
"email": "foobar@example.com"
}
}federation.github.deassociate
Namespace's GitHub application has been deassociated from the workspace.
{
"tenant_id": "tenant_...",
"action": "federation.github.deassociate",
"target": {
"type": "github_installation",
"github_installation_id": 1234...
},
"at": "2025-03-14T21:08:41+00:00",
"actor": {
"type": "service",
"service_id": "github"
}
}Related topics
- Private Networking → Connect instances within a workspace over a secure private network.
- IP ranges → Restrict access to traffic from Namespace’s trusted IP ranges.
- Data Residency → Control where your data lives with customizable data residency support.
- Federation → Enable secure, bidirectional access between Namespace and your cloud.