Getting started
Teams & Admin
Enterprise Security Features

Enterprise Security Features

Security Practices

Security has always been a top priority at Replay. We have focused on making all aspects of the service secure, including product design, server architecture, and employee access. Now, automated monitoring through Vanta (opens in a new tab) with formal policies that allow us to stay up to date on our security posture at all times.

We do our best to document our approach to Software Development, Encryption, Authentication, Access Control and other topics in our Security and Privacy (opens in a new tab) page. Feel free to reach out to if you would like more information about our security practices or a copy of our SOC 2 Type 1 and Type 2 reports.

Enterprise Features

Self Storage a.k.a. Bring Your Own Bucket

It’s possible to host your Replay data in the S3 Bucket or storage of your choice. This gives you full control of how your data is accessed, the ability to monitor access, and revoke access at any point.

URL Allowlist and Blocklist

It’s possible to specify a set of URLs which can be included or excluded from a Replay. This gives you control to limit Replay recordings to web apps that are hosted on certain URLs or to environments that belong to match domains.


  • Allow recordings for development and staging, exclude production
  • Allow recordings for /search exclude recordings which match /checkout

SSO Integrations

Replay supports SSO integrations such as Okta and SAML 2.0 so that you can keep your existing identity and authentication system.