Security Portal

Get full access to this Security Portal
  • Review all security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

Overview

ServiceTitan has implemented best-in-class security practices to keep customer data safe. Our security program is based on best practices in the SaaS industry. As such, our goals when executing this program are:

  • Trust, Transparency, and Protection of Customers data: ServiceTitan is committed to protecting and keeping the privacy and confidentiality of our customer's data and information. We are also committed to transparency and will respond pro-actively in any situation.
  • High Availability and Continuity of Service: you can follow live at https://servicetitan.statuspage.io/.
  • Risk & Compliances: Compliance profiles have a list of controls. We compare our SaaS solution, including technology and operations, against these controls.

Compliance

PCI DSS Logo
PCI DSS
SOC 1 Logo
SOC 1
SOC 2 Logo
SOC 2
Get full access to this Security Portal
  • Review all security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

Documents

10 Documents
Other Reports
Security Whitepaper
PCI DSS
SOC 1
SOC 2
CAIQ Lite
SIG Core
SIG Lite

Product Security

Role-Based Access Control
Audit Logging
Data Security
See more

Reports

Other Reports
PCI DSS
Pentest Report
See more

Self-Assessments

CAIQ Lite
SIG Core
SIG Lite

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Bot Detection
Responsible Disclosure
Code Analysis
See more

Access Control

Data Access
Logging
Password Security

Infrastructure

Anti-DDoS
Amazon Web Services
Azure
See more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
See more

Network Security

Data Loss Prevention
Firewall
Security Information and Event Management
See more

Corporate Security

Email Protection
Employee Training
Incident Response
See more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
See more

Security Grades

SecurityScorecard
All company assets
A
ImmuniWeb
Cloud Security Test of servicetitan.com
A
Qualys SSL Labs
ServiceTitan SaaS offering
A+
ServiceTitan .com
A+
See more

Trust Center Updates

ServiceTitan is NOT affected by Spring4Shell

A set of high-profile vulnerabilities have been identified affecting the popular Java Spring Framework and related software components (CVE-2022-22947, CVE-2022-22950, CVE-2022-22963, CVE-2022-22965) generally being referred to as Spring4Shell. ServiceTitan is not affected by these vulnerabilities.

Published at 03/31/2022, 10:28 PM

Log4j (CVE-2021-44228)

ServiceTitan was not directly affected by CVE-2021-44228; however, some 3rd party products were. All instances of Log4J in 3rd party products used internally have been patched. In an abundance of caution, ServiceTitan continues to monitor its environments for any re-occurrence as part of the company's regular vulnerability management program. In addition, we logged all attack attempts against our product and reproduced each one to confirm none of them were successful.

Published at 02/08/2022, 6:19 AM

If you think you may have discovered a vulnerability, please send us a note.