Trust Site

Get access to this Trust Site
  • Review sensitive security details
  • Unlock documents
  • Reclaim access anytime
Had access before? Reclaim access

Overview

Demandbase helps B2B companies hit their revenue goals using fewer resources. How? By using the power of AI to identify and engage the accounts and buying groups most likely to purchase. We combine your sales and marketing data with our validated B2B data to create what we call Account Intelligence. Better data makes better AI. That’s Smarter GTM™.

Compliance

ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2
Get access to this Trust Site
  • Review sensitive security details
  • Unlock documents
  • Reclaim access anytime
Had access before? Reclaim access

Documents

Pentest Report
ISO 27001
SOC 2
CAIQ
SIG Lite
Cross-Border Data Transfers

Risk Profile

Impact LevelModerate
Critical DependenceNo
Third Party DependenceYes
See more

Product Security

Audit Logging
Data Security
Integrations
See more

Reports

Pentest Report
SOC 2 Report
Vulnerability Assessment Report

Self-Assessments

CAIQ
SIG Lite

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Responsible Disclosure
Bot Detection
Code Analysis
See more

Legal

Subprocessors
Data Processing Addendum
Master Subscription Agreement
See more

Privacy

Cookies
Cross-Border Data Transfers
Data Protection Officer
See more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
BC/DR
See more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
See more

Network Security

Firewall
IDS/IPS
Security Information and Event Management

Corporate Security

Asset Management Practices
Email Protection
Employee Training
See more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
See more

Security Grades

Qualys SSL Labs
demandbase.com, api.demandbase.com
A+

Trust Center Updates

Microsoft Office and Windows HTML Remote Code Execution (CVE-2023-36884) - Update

VulnerabilitiesCopy link

On July 12th, 2023, Demandbase became aware of a new software 0-day security concern from our threat intelligence sources that involves Microsoft Windows and Office products. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.

Demandbase has multiple security technologies that permit us to audit our endpoints for known indicators of compromise that have been provided by Microsoft and our many security vendors. Using these technologies and reports, our team searched and did not find any evidence of Microsoft Windows or Office products being compromised within our environment. We have completed the mitigations provided by Microsoft and will continue to monitor this situation and provide further updates if necessary.

For more information on this topic, refer to the advisory posted at https://nvd.nist.gov/vuln/detail/CVE-2023-36884.

Published at N/A

MOVEit Transfer 0-day Update

VulnerabilitiesCopy link

On June 5, 2023, Demandbase became aware of a new software 0-day security concern from its threat intelligence sources that involves MOVEit file transfer solution. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.

Demandbase has multiple security technologies that permit us to audit what applications are installed on our endpoints. Using these technologies, our team searched and did not find any evidence of MOVEit software installed or used within Demandbase. We continue to monitor this situation and will provide further updates if necessary.

For more information on this topic, refer to the advisory posted at https://nvd.nist.gov/vuln/detail/CVE-2023-34362.

Published at N/A

Demandbase 2023 APT and EPT (pentest) summary report is now available.

GeneralCopy link

Our latest 2023 pentest summary report is now available for download for the registered users of our Trust Site. This is a summary report of our latest Application (APT) and Ext Network (EPT) pentest engagement conducted by Bishop Fox in April 2023.

Published at N/A

3CX Update

GeneralCopy link

On March 30, 2023, Demandbase became aware of a new software supply chain security concern from its threat intelligence sources that involves potential compromise of 3CX voice and video collaboration software installed on user workstations. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.

Demandbase has several security technologies that permit us to audit what applications are installed on our endpoints. Using these technologies, our team searched and did not find any evidence of 3CX software installed on our endpoints. We continue to monitor this situation and will provide further updates if necessary.

For more information on this topic, refer to the advisory posted by 3CX at https://www.3cx.com/blog/news/desktopapp-security-alert/.

Published at N/A*
Powered BySafeBase Logo