Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Information security is a key company priority at LiveHire and we manage robust security controls to enhance the confidentiality, integrity and availability of our information assets and systems.

Our key objective is to safeguard customer data and our security controls are driven by a comprehensive risk management framework that governs many aspects of LiveHire’s business operations.

Being a cloud native company, LiveHire takes necessary precautions to ensure all client and user data never leave the secure cloud environment and are always protected under the highest standards.

Start your security review
View & download sensitive information
Ask for information
Ian Martin Group-company-logoIan Martin Group
ASICS-company-logoASICS
Nissan-company-logoNissan
Vodafone-company-logoVodafone
Telstra Health-company-logoTelstra Health
Flybuys-company-logoFlybuys

Documents

Network Diagram

Trust Center Updates

Celebrating the achievement of LiveHire's most recent SOC 2 Type II Attestation Report

ComplianceCopy link

LiveHire is thrilled to announce that it has once again received its SOC 2 Type II report and attestation, a significant milestone that reflects its unwavering commitment to security and reinforces its dedication to safeguarding its customers' and members' data.

LiveHire, by maintaining its SOC 2 Type II attestation, has successfully demonstrated the effectiveness of security measures over an extended period. The SOC 2 Type II renewal attests to the operating design and effectiveness of LiveHire's controls to meet the security, confidentiality, privacy and availability trust services criteria between 1 November 2022 and 31 October 2023. LiveHire has maintained SOC 2 attestation continually since April 2022, receiving SOC 2 Type I attestation in April 2022 and SOC 2 Type II attestation from 1 May to 31 October 2023.

LiveHire would like to express its gratitude for your continued trust in its platform and services. LiveHire remains committed to investing in and improving its controls and processes to maintain the security of its platform and the privacy of your data as it supports you to empower the flow of the world's talent.

Published at N/A

LiveHire achieves ISO 27018 certification

ComplianceCopy link

LiveHire achieves ISO 27018 certification.

ISO 27018 is a an extension of the 27001 family of Information Security standards specifically to cover a Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.

You can now download the report from our security portal.

Published at N/A*

LiveHire achieves SOC 2 Type 2 Attestation

ComplianceCopy link

LiveHire achieves SOC 2 Type 2 Attestation.

System and Organization Controls (SOC 2) attestation are based on the Trust Services Criteria defined by the AICPA and reports on controls relevant to security, availability, confidentiality, and privacy.

You can now download the report from our security portal.

Published at N/A

LiveHire's Response to OpenSSL 3.0 vulnerability

IncidentsCopy link

After careful review of our infrastructure and application code, the LiveHire team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.

As a helpful resource, you can use this page to determine if certain widely used software in your environment is affected or unaffected: https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md

Published at N/A*

LiveHire achieves SOC 2 Type 1 Attestation

ComplianceCopy link

LiveHire achieves SOC 2 Type 1 Attestation.

System and Organization Controls (SOC 2) attestation are based on the Trust Services Criteria defined by the AICPA and reports on controls relevant to security, availability, confidentiality, and privacy.

You can now download the report from our security portal.

Published at N/A*

LiveHire update on Spring4Shell vulnerability

IncidentsCopy link

LiveHire's team has been closely tracking the Spring4Shell CVEs (CVE-2022-22947, CVE-2022-22950, CVE-2022-22963, CVE-2022-22965). Please see the updates below:

  • LiveHire does not use Java internally, and core platform functionality likely was not directly vulnerable.

  • Our Web Application Firewall (WAF) has had top level mitigation rules in place for all traffic to livehire.com, blocking any attempts to exploit this vulnerability.

  • We are currently reviewing all 3rd party components and vendors used by our platform and across our business, and work with them to identify and eliminate any other potential risks. No potential impacts identified till date.

Published at N/A

LiveHire update on Okta

IncidentsCopy link

While the LiveHire product allows customers to authenticate using Okta, we do not use Okta internally. As a result, at this point in time, we do not have any reason to believe we were affected. Please reach out to us at security@livehire.com if you have any further questions or concerns.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo