Fullstory’s behavioral data platform helps technology leaders make better, more informed decisions. By injecting digital behavioral data into their analytics stack, our patented technology unlocks the power of quality behavioral data at scale–transforming every digital visit into actionable insights.
With Fullstory, enterprise businesses move closer to their customers and closer to success. When organizations understand their customers like never before they’re able to create world-class experiences that increase funnel conversion, easily detect malicious behaviors and fraud, and identify their highest-value customers effortlessly.
FullStory's PSIRT has been tracking the disclosure of a backdoor in the popular open-source package, xz. FullStory can confirm that our infrastructure does not use any of the impacted versions of xz, nor does that infrastructure use any of the impacted versions of operating systems that had shipped a vulnerable version. We will continue to monitor threat intelligence and news sources for any information that may require an update to this posting.
FullStory is now ISO 27017 and ISO 27018 certified... and our new ISO 27001 and 27701 certificates are here!
ComplianceCopy linkTrust is one of our core watchwords and we hold our responsibility as protectors of our customers' information in the highest regard.
We are happy to say that our latest ISO certificates are now available, including our brand new ISO 27017 (Information Security in the Cloud) and ISO 27018 (Data Protection in the Cloud) certificates!
Our ISO 27017 certificate is available here
Our ISO 27018 certificate is available here
Our new ISO 27001 certificate is available here
Our new ISO 27701 certificate is available here
Our Statement of Applicability for all four is available here
Trust is one of our core watchwords and we hold our responsibility as protectors of our customers' information in the highest regard. We are happy to say that our latest Penetration Test Executive Report is now available.
Our Penetration Test Executive Report is available here
Response to customers
FullStory's PSIRT has been tracking the announcement of CVE-2023-38545, a high-severity vulnerability impacting the open-source library, libcurl (patched in version 8.4.0). A blog post by the author of libcurl has shared specific details on the vulnerability and necessary circumstances that would allow for exploitation of this issue. Having reviewed the technical findings, FullStory has no exposure to this particular CVE. Patching of this issue will take place during regular patch management processes, as is the case with many other CVEs that are always being released.
If you need help using this Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.