Security and compliance are top priorities for Vela because they are fundamental to your experience with the product. Vela is committed to securing your application’s data, eliminating system vulnerabilities, and ensuring continuity of access.
Vela uses a variety of industry-standard technologies and services to secure your data from unauthorized access, disclosure, use, and loss. All Vela employees undergo background checks before employment and are trained on security practices during company onboarding and on an annual basis.
Security is directed by Vela’s Chief Technology Officer and maintained by Vela’s Security team.
Oxeon
AfterQuery
True Search
Paragon Legal
HireArt
FirstLook Partners
Subprocessors
Subprocessors
Vela Not Impacted by Axios npm Supply Chain Attack
On March 30, 2026, Vela became aware of the Axios npm supply chain attack security incident.
Threat intelligence sources have reported that this incident introduced a malicious dependency into specific npm releases of the widely used HTTP client Axios, specifically axios@1.14.1 and axios@0.30.4.
-Recommended: Supply Chain Attack on Axios Pulls Malicious Dependency from npm, Socket Research Team
-Recommended: Hidden Blast Radius of the Axios Compromise, Socket Research Team
We want our customers to know that Vela is not impacted by this threat.
We do not leverage the affected versions of this software (axios@1.14.1 or axios@0.30.4) within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.