Welcome to Cresta's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation. Our enterprise-grade security and data privacy program is designed to keep your customer data safe and secure. We rely on industry best practices, security product features, and comprehensive audits of our applications, systems, and networks to ensure that your data is always protected. Here is an introduction to Cresta’s security and data privacy practices. Have questions? If you have additional questions about our security program please reach out to your enterprise sales representative or email security@cresta.ai
Documents
Featured Documents
Cresta added GUIDEcx as a sub-processor for onboarding software.
Cresta added Cartesia AI as a sub-processor for TTS (text-to-speech).
Effective September 17, 2024, Cresta has discontinued using MosaicML.
Cresta added MosaicML as a sub-processor for LLM model inference.
Cresta added Atlassian as a sub-processor for project management / ticketing.
Cresta added Fireworks.ai as a sub-processor for LLM model inference.
Effective February 14, 2024, Cresta has discontinued using Optimizely.
Cresta is aware of the ongoing CrowdStrike incident, but is not affected by it. We are closely monitoring the situation and are staying in contact with CrowdStrike.
Cresta updated its Trust Center with new audit reports for SOC2 Type II, ISO27001/27701 and HIPAA.
Cresta is aware of CVE-2024-3094, related to malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. Cresta does not use the affected versions.
Cresta is aware of CVE-2023-44487 also known as "HTTP/2 Rapid Reset attack", related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. Mitigations were implemented to address the vulnerability.
If you think you may have discovered a vulnerability, please send us a note.