Trust & Security Center

Treasure Data has reviewed and updated the SIRP, as well as conducted a corresponding tabletop exercise. Treasure Data’s annual Security Incident Response tabletop exercise provides an opportunity to follow a Security Incident Response scenario from start to finish using a discussion-based exercise format. Customers can obtain Treasure Data’s most recent SIRP and Test Results by clicking on the Security Incident Response Planning & Testing card in the “Documents” section of our Trust & Security Center.

Treasure Data has reviewed and updated the BC/DR Plan, as well as conducted a corresponding tabletop exercise. Treasure Data’s annual BC/DR tabletop exercise provides an opportunity to practice and prepare for availability-related incidents in a controlled environment. It also allows the Treasure Data teams to test their plans, procedures, and coordination without the pressure of a real incident. Customers can obtain Treasure Data’s most recent BC/DR Plan and Test Results by clicking on the BC/DR Planning & Testing card in the “Documents” section of our Trust & Security Center

Treasure Data is excited to announce the completion of our annual independent External Network penetration testing of our Customer Data Platform (CDP) for 2025. Treasure Data engaged a penetration testing third party, NetSPI LLC., to conduct External Network testing of Treasure Data in a production environment between September 15-19, 2025. Customers can obtain the External Network Penetration Testing Results Report under the "Documents" section of our Trust and Security Center. This report includes the External Network Penetration Test summary of findings & results, and the remediation plan by Treasure Data for any identified vulnerabilities. The translated Japanese version will be released next week.

We’re excited to announce that Treasure Data has achieved CSA STAR for AI Level 1. This self assessment contains 243 control objectives distributed across 18 security domains. It maps to leading standards, including ISO 42001, ISO 27001, NIST AI RMF 1.0, and BSI AIC4 and guides us to develop, implement, and operate AI technologies in a secure and responsible manner.

To further show our commitment to responsible AI development, Treasure Data has also signed the CSA AI Trustworthy Pledge. The Pledge is CSA’s high-level framework of principles for responsible AI development and we have committed ourselves along with other organizations in a responsible AI future. We are dedicated in having a responsible and trusted AI platform that you can rely on in securing your data.

Treasure Data is pleased to announce the successful completion of our 2025 annual independent penetration testing for the Customer Data Platform (CDP) APIs and Web Application. We engaged the third-party security firm NetSPI LLC to conduct these comprehensive assessments in a production environment. The API testing was conducted from March 10–21, 2025, followed by Web Application testing from June 16–20, 2025. Customers can now access the full API and Web Application Penetration Testing Results Reports, which include a summary of findings and Treasure Data's remediation plans, in the "Documents" section of our Trust and Security Center.