At LivePerson, security is a top priority and key for enabling trusted, meaningful engagements.
LivePerson's comprehensive security model and practices were developed based on:
- Years of experience in SaaS operations
- Close relationships with Enterprise customers' security teams
- Frequent assessments with independent auditors
- Active involvement in the security community
LivePerson's comprehensive security compliance program helps ensure adherence to internationally recognized standards and exceed market expectations. Some of the standards LivePerson comply with include:
- SSAE16 SOC2
- ISO27001
- PCI-DSS via Secure Widget
- Japan's FISC
- SafeHarbor
- SOX
LivePerson develops their applications under a strict and controlled Secure Development Life-Cycle: Developers undergo secure development training, and security architects are involved in all major projects and influence the design process. Static and Dynamic Code Analysis is an inherent part of the development process and, upon maturity, the application is tested for vulnerabilities by an independent penetration testing vendor. On average, LivePerson undergoes 30 penetration tests each year.