Security Portal

Get full access to this Security Portal
  • Review all security details
  • Unlock documents
  • Ask for more information
  • Reclaim access anytime
Had access before? Reclaim access

Overview

Information security is a key company priority at LiveHire and we manage robust security controls to enhance the confidentiality, integrity and availability of our information assets and systems.

Our key objective is to safeguard customer data and our security controls are driven by a comprehensive risk management framework that governs many aspects of LiveHire’s business operations.

Being a cloud native company, LiveHire takes necessary precautions to ensure all client and user data never leave the secure cloud environment and are always protected under the highest standards.

Compliance

ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
SOC 2 Logo
SOC 2
Get full access to this Security Portal
  • Review all security details
  • Unlock documents
  • Ask for more information
  • Reclaim access anytime
Had access before? Reclaim access

LiveHire is reviewed and trusted by

Ian Martin GroupIan Martin Group
ASICSASICS
NissanNissan
VodafoneVodafone
Telstra HealthTelstra Health
FlybuysFlybuys

Documents

5 Documents
Network Diagram
Pentest Report
SOC 2 Report
ISO 27001
ISO 27001 SoA

Risk Profile

Data Access LevelRestricted
Impact LevelSubstantial
Recovery Time Objective< 12 Hours
See more

Product Security

Role-Based Access Control
Audit Logging
Data Security
See more

Reports

Network Diagram
Pentest Report
SOC 2 Report
See more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Responsible Disclosure
Software Development Lifecycle
Credential Management
See more

Access Control

Data Access
Logging
Password Security

Infrastructure

Anti-DDoS
Amazon Web Services
BC/DR
See more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management
See more

Network Security

Firewall
IDS/IPS
Security Information and Event Management
See more

Corporate Security

Email Protection
Employee Training
Incident Response
See more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
See more

Security Grades

Qualys SSL Labs
LiveHire platform
A+

Trust Center Updates

LiveHire achieves SOC 2 Type 1 Attestation

LiveHire achieves SOC 2 Type 1 Attestation.

System and Organization Controls (SOC 2) attestation are based on the Trust Services Criteria defined by the AICPA and reports on controls relevant to security, availability, confidentiality, and privacy.

You can now download the report from our security portal.

Published at 05/25/2022, 5:42 AM

LiveHire update on Spring4Shell vulnerability

LiveHire's team has been closely tracking the Spring4Shell CVEs (CVE-2022-22947, CVE-2022-22950, CVE-2022-22963, CVE-2022-22965). Please see the updates below:

  • LiveHire does not use Java internally, and core platform functionality likely was not directly vulnerable.

  • Our Web Application Firewall (WAF) has had top level mitigation rules in place for all traffic to livehire.com, blocking any attempts to exploit this vulnerability.

  • We are currently reviewing all 3rd party components and vendors used by our platform and across our business, and work with them to identify and eliminate any other potential risks. No potential impacts identified till date.

Published at 04/01/2022, 12:36 AM

LiveHire update on Okta

While the LiveHire product allows customers to authenticate using Okta, we do not use Okta internally. As a result, at this point in time, we do not have any reason to believe we were affected. Please reach out to us at security@livehire.com if you have any further questions or concerns.

Published at 03/28/2022, 10:08 PM

If you think you may have discovered a vulnerability, please send us a note.