Temporal Technologies Inc.

Temporal Technologies Inc.

Search the Trust Center...
Ctrl +K

Temporal Technologies Inc. | Trust Center

Everything you need to complete your security review is here. Browse documents, certifications, and compliance details with confidence. Our Trust Center is regularly updated to reflect the latest audit results, and subprocessor disclosures.


Badges

gdpr
GDPR
hipaa
HIPAA
ccpa
CCPA

Quick Summary

One or more annual third-party audit(s)

Annual third-party penetration testing

Has a disaster recovery plan

Subprocessors list available

Has cyber insurance

Uses a centralized IAM solution (SSO) to manage employee access

Has a privacy policy


Announcements

CVE-2026-5724

CVE published in Temporal Server from versions 1.24.0 before 1.28.4, 1.29.0 before 1.29.6, 1.30.0 before 1.30.4, and 1.31.0 before 1.31.2. We recommend upgrading Temporal Server to the most updated unaffected version.


CVE-2026-5199 | CVSS 2.3 (Low)

Summary: CVE-2026-519

Recommended Action for OSS Users: Upgrade to v1.29.5 or v1.30.3. Version 1.28 is not affected.


CVE-2025-14987 and CVE-2025-14986

CVEs published for Temporal OSS server: CVE-2025-14987 and CVE-2025-14986

We recommend upgrading Temporal Server to 1.27.4, 1.28.2, or 1.29.2.


CVE-2025-8396

CVE published in Temporal OSS server default authorizer.

We recommend upgrading Temporal Server to 1.26.3, 1.27.3, 1.28.1 or later.


Salesloft Drift Security Incident

We’re aware of the Salesloft Drift security incident affecting some Salesforce customers. We do not use Drift; our systems and customer data were not impacted by this incident.


CVE-2025-1243

CVE published in Temporal api-go library from versions 0 to before 1.44.1. We recommend customers using both the proxy package and a gRPC proxy upgrade the Temporal api-go library to the most updated unaffected version.


Microsoft + Crowdstrike Systems Outage

We are aware of the outage involving Microsoft systems and Crowdstrike. We have determined that neither Temporal Cloud nor our internal systems are impacted by this event. You can check the status of Temporal Cloud at https://status.temporal.io/.


CVE-2024-2689

CVE published in Temporal Server from versions 0 before 1.20.5, 1.21.0 before 1.21.6, and 1.22.0 before 2.22.7. We recommend customers upgrade to Temporal Server to the most updated unaffected version.


CVE-2024-2435

CVE published in UI server from versions 2.16.2 before 2.25.0. We recommend customers upgrade to ui-server v2.25.0+.


CVE-2024-3094: XZ Utils

We are aware of the recently disclosed vulnerability CVE-2024-3094, which involves manipulation of the xz utility from at least version 5.6.0.
Following internal investigation, we have determined that Temporal Cloud and the Temporal OSS server image are not impacted by this vulnerability.


CVE-2023-3485

2023-07-03: CVE-2023-3485 published. We recommend customers upgrade to 1.20 or later. If unable, the dynamic configuration option frontend.enableTokenNamespaceEnforcement should be set to true.



Documents & Knowledge Base FAQs


What we offer

Temporal Cloud

Temporal Cloud is a platform that guarantees the Durable Execution of your application code.

It enables you to develop as if failures don't even exist. Your application will run reliably even if it encounters problems, such as network outages or server crashes, which would be catastrophic for a typical application. The Temporal Platform handles these types of problems, allowing you to focus on the business logic, instead of writing application code to detect and recover from failures.

Typical data access: Username, Email Address, Business Workflow State

Certifications: SOC 2 Type 2, HIPAA


Subprocessors
7

Subprocessor
Location of Processing
Usage Details
Auth0

Auth0

United States
Authentication
AWS

AWS

Customer-Defined Jurisdiction
Infrastructure for Namespaces that customers decide to host in Amazon Web Services. Control plane.
Elastic

Elastic

Customer-Defined Jurisdictions
(Optional) Visibility, monitoring and analysis of business and operational data for Namespaces hosted in Google Cloud or Microsoft Azure.
Google Cloud

Google Cloud

Customer-Defined Jurisdictions
(Optional) Infrastructure for Namespaces that customers decide to host in Google Cloud.
IBM

IBM

Customer-Defined Jurisdictions
Datastax Database
Microsoft Azure

Microsoft Azure

Customer-Defined Jurisdictions
(Optional) Infrastructure for Namespaces that customers decide to host in Microsoft Azure.
WorkOS

WorkOS

United States
Customer identity and access management platform
Last updated . .
View as:

Trusted by

Powered by Conveyor, the first end-to-end customer trust platform.
Learn more