Advanced Security & Governance for Feature Flags

Rest easy knowing you’re ticking all the boxes to keep your builds safe and your engineers compliant—without blocking innovation.

Try Interactive Demo Talk to Us

Trusted by global banks, healthcare, & insurance providers

Get granular control without sacrificing innovation

Prevent unauthorised changes with role-based access control

Maintain compliance without creating bottlenecks

Scale feature flag usage with ease across projects, environments, and teams

“We’re working with real bank accounts and real money, so code quality and release governance are non-negotiable. Feature flags are critical to making that work.” - Dan Bovey, Senior Fullstack Engineer, OakNorth

“Flagsmith is both very simple and very powerful. It lets us manage our features and capabilities in a seamless and scalable way that lets us focus on what we do best: building security software.” - Dariel Marlow, VP of Cloud Engineering, Delinea

Track every change with an audit log

Stay compliant and ensure that every change is tracked with a comprehensive audit log of every action taken

Easily retrace events and filter to surface the information you need

4 eyes are better than 2

Create feature-specific approval processes that are easy to scale

Prevent users from accidentally toggling critical features on or off

Catch mistakes in targeting, rollout percentages, or environments before they go live

Feature flag management that checks all the boxes

Personalised onboarding

Get up-and-running with workshops tailored to your organisation.

Hands-on support

Get real-time technical support over Slack, email, Discord, or chat.

Security & control

Stay secure with 2FA, SAML, Okta, ADFS and LDAP, and more.

Decide where your data lives

Choose from a list of data centres across the globe—like California, London, Sydney, São Paulo, and Seoul—so data remains within required jurisdictions

Self-host Flagsmith to keep data within your own trusted network (HIPAA and FedRAMP compliant)

Deploy to private cloud for maximum convenience while still maintaining compliance (HIPAA compliant)

Our data centers

East Ohio, USA

London, UK

California, USA

Mumbai, India

Sydney, Australia

São Paulo, Brazil

Seoul, South Korea

Singapore

Is Flagsmith SOC2 Type 2 certified?

Yes! Flagsmith is a fully accredited SOC2 type 2 organisation. A copy of our audit report is available upon request.

How do enterprise companies manage feature flag governance at scale?

It’s important to find a feature flag platform that has advanced security and governance features like role-based access control (RBAC), audit logs, and 4-eyes releases that don’t get in the way of scaling.

Is Flagsmith HIPAA compliant?

Yes, Flagsmith’s private cloud and self-hosted instances are HIPAA compliant. We work with some of the largest healthcare organisations in the United States.

Is Flagsmith FedRAMP compliant?

Flagsmith’s self-hosted instance (on-premises or in your own cloud) is FedRAMP compliant.

Infrastructure + database support

With custom levels of support—from fully managed to second level—Flagsmith can take care of as much or as little of your hosting infrastructure needs as makes sense for your org.

Flagsmith supports Postgres, MySQL and Oracle database engines; additional database support is also available depending on your requirements.

Kubernetes and OpenShift

Your teams can easily deploy Flagsmith’s containerized platform to Kubernetes via Helm, OpenShift, AWS, Azure, or GCP.

Plus, Flagsmith’s OpenShift Operator makes it easy to deploy into OpenShift infrastructure too.