Trust Center

Start your security review
View & download sensitive information
Search items
ControlK

Talend maintains an Information Security Program to ensure the confidentiality, integrity, and availability of all computer and data communication systems while meeting the necessary legislative, industry, and contractual requirements.

Talend policies, procedures, and standards are based on the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001. In addition, we use an independent third-party body to audit our compliance with leading industry standards periodically.

AB InBev-company-logoAB InBev
AstraZeneca-company-logoAstraZeneca
Covanta-company-logoCovanta
Domino's Pizza-company-logoDomino's Pizza
GE Healthcare-company-logoGE Healthcare
GSK-company-logoGSK
Orange S.A.-company-logoOrange S.A.
Siemens-company-logoSiemens
SNCF-company-logoSNCF
TD Bank-company-logoTD Bank
Toyota-company-logoToyota
Western Union-company-logoWestern Union

Documents

Security Whitepaper
Pentest Report
Trust Center Updates

Product Security announcement - Apache Struts CVE-2023-50164

VulnerabilitiesCopy link

The security team is fully informed about the vulnerability CVE-2023-50164 affecting Apache Struts and has verified that Talend products are not affected.

In rare occasion, security scanner may trigger alerts on Talend ESB 7.3 because of legacy components that are no longer in use but still persist in the customer's filesystem. While Talend ESB 7.3 is not directly exposed to this vulnerability, a patch will be provided to further remove any dependencies toward Struts component.

Published at N/A

Product Security announcement - ActiveMQ CVE-2023-46604

VulnerabilitiesCopy link

Talend has been working diligently on addressing the ActiveMQ CVE-2023-46604 vulnerability situation throughout our Product portfolio.

Talend Product security team recommend customers to assess their exposure and apply the mitigation steps by updating the affected customer-managed components to the latest patch version.

Highly Recommended - if ActiveMQ broker is used

  • Talend ESB: patch 8.0.1-R2023-11, 7.3.1-R2023-12

Recommended - the following patches provide latest ActiveMQ client updates

  • Talend Studio: patch 8.0.1-R2023-11, 7.3.1-R2023-12
  • Talend Remote Engine: 2.13.1
  • Talend MDM: 8.0.1-R2023-11, 7.3.1-R2023-11

Talend have already implemented remediation and/or mitigations for the following Cloud offering

  • Talend Cloud
Published at N/A*

Product Security announcement - HTTP/2 Rapid Reset vulnerability CVE-2023-44487

VulnerabilitiesCopy link

Talend has been working diligently on addressing the HTTP/2 Rapid Reset vulnerability situation throughout our Product portfolio.

Talend Product security team recommend customers to assess their exposure and apply the mitigation steps by updating the affected customer-managed components to the latest patch version.

Talend have already implemented remediation and/or mitigations for the following Cloud offering:

  • Talend Cloud
  • Stitch

If additional details or assistance is needed, please contact our Support team on https://login.talend.com/support-login.php

Published at N/A

Talend is aware of and monitoring the HTTP/2 Rapid Reset vulnerability referenced as CVE-2023-44487.

Talend is scoping the remediation efforts throughout its Product portfolio and is in the process of developing fixes and remediations to address the vulnerability.

Published at N/A

Product Security announcement - CVE-2023-36301 affecting Talend Data Catalog

VulnerabilitiesCopy link

Talend's security team have released a new advisory for Talend Data Catalog. Talend recommend customers to assess their exposure and apply the mitigation steps by updating the affected components to the latest patch version.

Published at N/A

Talend response to MOVEit vulnerability (CVE-2023-34362, CVE-2023-35708)

VulnerabilitiesCopy link

The security team at Talend is fully informed about the vulnerabilities (CVE-2023-34362, CVE-2023-35708) in MOVEit software and has verified that Talend products and systems are not affected.

For reference:

Published at N/A*
Powered bySafeBase Logo