Overview
Demandbase helps B2B companies hit their revenue goals using fewer resources. How? By using the power of AI to identify and engage the accounts and buying groups most likely to purchase. We combine your sales and marketing data with our validated B2B data to create what we call Account Intelligence. Better data makes better AI. That’s Smarter GTM™.
Compliance

Documents
Risk Profile
Product Security
Reports
Self-Assessments
Data Security
App Security
Legal
Privacy
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Policies
Security Grades
Trust Center Updates
Microsoft Office and Windows HTML Remote Code Execution (CVE-2023-36884) - Update
VulnerabilitiesCopy linkOn July 12th, 2023, Demandbase became aware of a new software 0-day security concern from our threat intelligence sources that involves Microsoft Windows and Office products. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.
Demandbase has multiple security technologies that permit us to audit our endpoints for known indicators of compromise that have been provided by Microsoft and our many security vendors. Using these technologies and reports, our team searched and did not find any evidence of Microsoft Windows or Office products being compromised within our environment. We have completed the mitigations provided by Microsoft and will continue to monitor this situation and provide further updates if necessary.
For more information on this topic, refer to the advisory posted at https://nvd.nist.gov/vuln/detail/CVE-2023-36884.
On June 5, 2023, Demandbase became aware of a new software 0-day security concern from its threat intelligence sources that involves MOVEit file transfer solution. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.
Demandbase has multiple security technologies that permit us to audit what applications are installed on our endpoints. Using these technologies, our team searched and did not find any evidence of MOVEit software installed or used within Demandbase. We continue to monitor this situation and will provide further updates if necessary.
For more information on this topic, refer to the advisory posted at https://nvd.nist.gov/vuln/detail/CVE-2023-34362.
Our latest 2023 pentest summary report is now available for download for the registered users of our Trust Site. This is a summary report of our latest Application (APT) and Ext Network (EPT) pentest engagement conducted by Bishop Fox in April 2023.
On March 30, 2023, Demandbase became aware of a new software supply chain security concern from its threat intelligence sources that involves potential compromise of 3CX voice and video collaboration software installed on user workstations. We promptly investigated to determine whether there was an impact to Demandbase systems and/or data.
Demandbase has several security technologies that permit us to audit what applications are installed on our endpoints. Using these technologies, our team searched and did not find any evidence of 3CX software installed on our endpoints. We continue to monitor this situation and will provide further updates if necessary.
For more information on this topic, refer to the advisory posted by 3CX at https://www.3cx.com/blog/news/desktopapp-security-alert/.