Tricentis Security
Trust
Tricentis strives to implement and continuously execute a proactive strategy for security and compliance. As a leader in test automation for cloud and enterprise applications, we are dedicated to providing peace of mind to our customers by applying policies and procedures designed to keep our data, platform, and products secure. Although no security program is 100% immune to compromise, we utilize security controls that exceed the standards for the environments in which we operate.
Compliance
Our security program is designed to mitigate risk using a combination of industry best practices and published standards:
SOC 2 Type 2
Tricentis conducts a SOC 2 Type 2 audit on an annual basis to test the design and operating effectiveness of the controls relevant to Security and Availability. A SOC 2 audit is performed to provide our customers with the assurance that we have the controls in place to protect their information and data through secure systems. Tricentis currently undergoes SOC2 Type 2 for qTest, Testim, VisionAI, Tricentis Test Automation, Tricentis Test Automation for Salesforce, and Tricentis Test Management for JIRA.
Tricentis conducted a SOC2 Type 1 audit for Vera in 2023 with the goal of it undergoing Type 2 in 2024.
SOC2 reports can be requested from your Tricentis sales representative. The SOC3 report can be downloaded from here.
ISO/IEC 27001
Tricentis’ Information Security Management System (ISMS) is certified through the ISO 27001 standard annually, over a 3-year certification cycle. ISO 27001 tests against the requirements for the establishment, implementation, maintenance and continual improvement of the ISMS. An ISO 27001 audit is performed to demonstrate to our stakeholders that information security is taken seriously. In-scope products are Tricentis Tosca and VisionAI, LiveCompare, qTest, NeoLoad, Testim, Vera, Tricentis Test Automation, Tricentis Test Management for JIRA, and Tricentis Test Automation for Salesforce.
An ISO 27001 certificate can be requested from your Tricentis sales representative.
ISO 9001
Tricentis’ Quality Management System (QMS) is certified through the ISO 9001 standard annually, over a 3-year certification cycle. ISO 9001 tests against the requirements for the establishment, implementation, maintenance and continual improvement of the QMS. An ISO 9001 audit is performed to demonstrate to our stakeholders that quality management is taken seriously. In-scope products are Tricentis Tosca and VisionAI, LiveCompare, qTest, NeoLoad, Testim, Vera, Tricentis Test Automation, Tricentis Test Management for JIRA, and Tricentis Test Automation for Salesforce.
An ISO 9001 certificate can be requested from your Tricentis sales representative.
Pillars
Tricentis’ security program delivers against well-established pillars of trust.
Disclosure
Responsible Disclosure
If you have discovered a vulnerability in a Tricentis application, please don’t share it publicly. Instead, please submit a report to us through a support ticket. We review all security concerns that are submitted and we strive to stay aware of the latest security developments by monitoring the threat landscape and by working with external security researchers and companies.
If you believe your account has been compromised or you are seeing suspicious activity on your account, please report it to your application administrator and support@tricentis.com.
