topic Re: Security validation for Certified Custom Visuals (ProfitBase Financial Reporting) in Custom Visuals Development Discussion https://community.fabric.microsoft.com/t5/Custom-Visuals-Development/Security-validation-for-Certified-Custom-Visuals-ProfitBase/m-p/5160040#M13144 <P>Hello</P><P>Yes both of those are hard requirements for Power BI certification.<BR />Microsoft's certification criteria explicitly states that certified visuals must not access external services or resources. That means no outbound network calls, no data sent to external servers, nothing leaving the browser sandbox. If a visual violates this, it can't get certified</P> Tue, 28 Apr 2026 13:11:36 GMT Juan-Power-bi 2026-04-28T13:11:36Z Security validation for Certified Custom Visuals (ProfitBase Financial Reporting) https://community.fabric.microsoft.com/t5/Custom-Visuals-Development/Security-validation-for-Certified-Custom-Visuals-ProfitBase/m-p/5160013#M13143 <P>We are using the <STRONG>ProfitBase Financial Reporting</STRONG> visual in a production environment. The client is concerned about data exfiltration risks associated with third-party visuals. As this is a PBI Certified Visual, could anyone let us know if the visual:</P><OL><LI>Does not transmit data to external servers.</LI><LI>Complies with Microsoft's "no outbound connectivity" rule for certification.</LI></OL><P>This will help us clear a security audit for our client. Thanks!</P> Tue, 28 Apr 2026 12:39:47 GMT https://community.fabric.microsoft.com/t5/Custom-Visuals-Development/Security-validation-for-Certified-Custom-Visuals-ProfitBase/m-p/5160013#M13143 AjithPrasath 2026-04-28T12:39:47Z Re: Security validation for Certified Custom Visuals (ProfitBase Financial Reporting) https://community.fabric.microsoft.com/t5/Custom-Visuals-Development/Security-validation-for-Certified-Custom-Visuals-ProfitBase/m-p/5160040#M13144 <P>Hello</P><P>Yes both of those are hard requirements for Power BI certification.<BR />Microsoft's certification criteria explicitly states that certified visuals must not access external services or resources. That means no outbound network calls, no data sent to external servers, nothing leaving the browser sandbox. If a visual violates this, it can't get certified</P> Tue, 28 Apr 2026 13:11:36 GMT https://community.fabric.microsoft.com/t5/Custom-Visuals-Development/Security-validation-for-Certified-Custom-Visuals-ProfitBase/m-p/5160040#M13144 Juan-Power-bi 2026-04-28T13:11:36Z