// Trust & Security Report
Anysphere, Inc.
Cursor (AI coding agent / IDE, CLI, Cloud Agents, Slack/GitHub integrations, Cursor SDK)
Certifications held
4
Maturity
Enterprise
Trains on your data
Yes
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.cursor.com“Compliance: SOC 2 Type 2. Audit reports: Latest - SOC 2 Type 2 - Attestation Report. (Security page: "A SOC 2 Type II attestation report is available on request at trust.cursor.com")”
Verify on cursor.com“No mention of ISO 27001 on the Cursor security page or Trust Center compliance list (only SOC 2 Type 2 is listed).”
Verify on cursor.com“No HIPAA claim or BAA offering found on the security page or Trust Center.”
Verify on trust.cursor.com“No explicit GDPR compliance statement surfaced on the security page; DPA/subprocessor disclosure exists in the Trust Center but a direct GDPR-compliance quote was not confirmed.”
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Not stated
Data region
Primarily AWS US region, with some latency-critical services in Europe (EU) and Singapore. No infrastructure in China and no China-headquartered subprocessors.
Default (Privacy Mode OFF) DOES train on customer data: "we may use and store codebase data, prompts, editor actions, code snippets, and other code data and actions to improve our AI features and train our models." With Privacy Mode ON: "Customer Data will not be used for training by Cursor. Cursor maintains zero data retention (ZDR) agreements with all providers, and AI model providers will not store or train on your data." Privacy Mode is available to any user (free or Pro) and can be enforced by a team/enterprise admin. Caveat: abuse/risk classifiers may store data if abuse detectors are triggered. Codebase indexing: plaintext code for embeddings "ceases to exist after the life of the request," but embeddings and metadata (hashes, file names) may be stored.
// Security controls
Penetration testing
At-least-annual third-party penetration testing; latest 2026 report available in Trust Center ("Latest Penetration Testing Report 2026 Available", published June 9, 2026)
trust.cursor.comBug bounty
No public bug bounty program (no HackerOne/Bugcrowd public program). Vulnerability disclosure only via security-reports@cursor.com, acknowledged within 5 business days.
cursor.comEncryption
Data encryption and CMEK referenced; encryption in transit/at rest implied via AWS hosting (full at-rest/in-transit detail not quoted on security page)
cursor.comPrivacy Mode / ZDR
Privacy Mode enforces zero data retention (ZDR) with model providers; available free or Pro, enforceable by team/enterprise admin
cursor.comSubprocessors disclosed
AWS (US/EU/Singapore), Fireworks, OpenAI, Anthropic, WorkOS (SSO/SCIM) listed publicly in Trust Center
trust.cursor.com// Products & data scope
data: Codebase data, prompts, editor actions, code snippets. Trains on data by default unless Privacy Mode enabled.
Privacy Mode opt-in available to free and Pro users.
data: Admin-controlled Privacy Mode enforcement, SSO/SCIM via WorkOS.
Team/enterprise admins can enforce Privacy Mode org-wide; ZDR with providers when enabled.
data: SOC 2 Type 2 covered, admin-enforced Privacy Mode, CMEK referenced. Trusted by over half of the Fortune 500.
Enterprise compliance posture; subprocessor + pen-test reports available under NDA via Trust Center.
data: Cloud Agents run on Cursor-managed compute; same Privacy Mode / ZDR posture applies.
Cloud agents execute autonomously on managed infrastructure; expands data-flow surface vs. local IDE.
// What to watch
- Trains on customer code BY DEFAULT (Privacy Mode is opt-in, not on by default) - notable for code-confidentiality-sensitive buyers.
- No public bug bounty program (private disclosure only).
- Only SOC 2 Type II confirmed; ISO 27001 and HIPAA not advertised - verify if those are buyer requirements.
- Cloud Agents expand the data-processing surface beyond the local editor.
// At a glance
Pricing model
Freemium + subscription (Free, Pro, Business/Teams per-seat, Enterprise custom)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Anysphere, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.cursor.com