Is there any guidance on how to do threat modelling with a bubble app?

What security can we rely on from bubble and what do we need to build defenses for?

For example - the login system - how secure is it? Do we need to do anything to make it more secure?

What about user data?

Is there any thinking about how to secure bubble apps?


You’ll most want to consider privacy rules to make sure that your app data is secure. We handle just about everything else. Feel free to reach us at if you’d like more info on Bubble’s security practices!

Thanks. Can you elaborate on “consider privacy rules”. Is this basically about not showing information that should not be shown? I think we can safely handle that. My main concern is around things like basic link hijacking or script injection to extract information that should be private. Will email support though. THanks.

This topic was automatically closed after 70 days. New replies are no longer allowed.