Security is foundational to a hiring platform. This page summarises the controls and practices we use to protect your workspace and candidate data.
Encryption
All data is encrypted in transit with TLS 1.2+ and at rest with AES-256. Database backups are encrypted with rotating keys.
Access control
- Role-based access for super admins, company admins and company users.
- Row-level security on every multi-tenant table.
- Optional SSO / SAML on Enterprise plans.
Infrastructure
The Service runs on hardened, audited cloud infrastructure with regional data residency options. Production access is restricted to a small on-call team and fully audit-logged.
Application security
- Dependency scanning and automated security updates.
- Continuous static analysis and code review on every change.
- Annual third-party penetration testing.
Incident response
We maintain a documented incident-response plan and notify affected customers without undue delay where required by law or contract.
Report a vulnerability
Please email security@itester.com with details. We acknowledge reports within two business days.