Liferay Trust Center

Liferay understands how critical it is for our prospects and customers to find secure and compliant digital solutions for their business needs. We are committed to being not just a vendor, but a trusted partner for our customers.

Our focus is to ensure that the valuable information you entrust to us is secure and treated in accordance with the applicable data protection laws. As part of the FOSS community, we apply best practices when it comes to IP and FOSS licensing. We also believe in conducting business with integrity, ultimately fostering strong relationships with our customers and our community.

This Trust Center provides a comprehensive collection of resources designed to aid every customer’s due diligence process and demonstrate our commitment to security and compliance.

Overview

Overview

Liferay prioritizes security

  • Established in 2012, Liferay’s DXP Vulnerability Disclosure Program enables responsible reporting and swift patching for both internal and external vulnerabilities. 

  • As a CVE vendor, we actively contribute to the public record of known security issues (CVEs), empowering customers to stay current on critical security updates. 

  • Liferay’s SaaS offering builds upon the proven foundation of Liferay’s self-hosted product. This ensures a secure and scalable cloud-based solution, allowing customers to focus on content creation while we handle patching, upgrades, 24/7 monitoring, and ongoing security management.

Liferay's global presence is marked by a strong emphasis on data protection, designing products and offerings with robust security measures to safeguard information. This includes: 

  • Enforcing strict data access policies

  • Carrying out comprehensive vendor evaluations

  • Carefully selecting and regularly educating our employees

  • Consistently aligning our practices with the evolving landscape of privacy regulations. Additionally, our agreements explicitly outline our commitment to complying with all applicable data protection laws.

We adhere to the most current FOSS licensing compliance standards. We apply the community best practices to mark our own code. We offer our customers SBOM in ISO/IEC 5962 SPDX format (as well as CycloneDX, if required).

Liferay’s Code of Business Conduct and Ethics, our Environmental Social Governance report, our Anti-Slavery statement, and our Whistleblowing channel demonstrate that we prioritize integrity and compliance

Liferay France
29 rue Taitbout
75009 Paris
France
+33 (0)1 84 21 11 80
Liferay DXP
Conçu sur la Plateforme d'Expérience Digitale Liferay