NEW

Start with the pressure: sales, launch, abuse, agents, data, or guardrails

Use the engagement router
aisecurityllc
Sign inStart AI Security Assessment
aisecurityllc
Start AI Security Assessment
← All profiles

Smartbear

smartbear.com

7 auth features

Our Apps for Your Stack

No direct integration matches detected — check back as we expand coverage.

Enterprise Onboarding

SSO / Identity Provider

No SSO vendor detected for this company. SAML 2.0 and OIDC configuration is available via the enterprise onboarding flow for any compliant IdP.
Authentication features(7 available)
TOTP / Authenticator AppPasskeys (WebAuthn)Magic Link / PasswordlessEncrypted Backup Codes+3 more
TOTP / Authenticator AppPasskeys (WebAuthn)Magic Link / PasswordlessEncrypted Backup CodesJWT API TokensCustom Password Policy· betaOrg-level MFA Enforcement· beta

AI Attack Surface

AI Subdomain2 signalsobserved 2026-06-23
agents.smartbear.com

agents.smartbear.com → 174.129.32.250 (+1)

platform.smartbear.com

platform.smartbear.com → 13.219.119.101 (+3)

Website Tech Stack

scanned 2026-06-24
Technologies detected (2)
LlamaIndexIntercom Fin

Job Posting Intelligence

24
Total jobs
0
AI security roles
10
Adjacent roles
0
Skill-washed
Hiring patterns detected
Agentic time bomb
Agentic AI in production with no observable AI security tooling
1 AI tool in JDs

Trust Scanner

0

Public Surface

0

AI Language

0

Legal Clarity

0

Security Trust

46

Consistency

100

Remediation Opportunity

Trust Scanner · ATG Scorecard

Smartbear · public trust surface

Public trust surface scored 7 with 10 positive detectors out of 74 across 5 pages. Higher remediation scores mean more visible work remains.

7

weak

Public Surface

Whether trust, legal, security, AI, methodology, and contact surfaces are discoverable and coherent.

0

0% signal

AI Language

Whether AI claims are specific, bounded, and tied to engineering evidence rather than generic positioning.

0

0% signal

Legal Clarity

Whether privacy, terms, contract, data-processing, and customer-facing boundaries are clear enough to review.

0

0% signal

Security Trust

Whether public trust artifacts explain controls, evidence, limitations, and escalation paths without oversharing.

0

0% signal

Consistency

Whether public claims, caveats, service language, and trust artifacts agree across the site.

46

46% signal

Remediation Opportunity

Whether the public surface makes the next improvement work obvious, scoped, and evidence-backed.

100

100% signal

Public-signal caveat

Based on public website signals and observed artifacts, not proof of any organization's internal security maturity.

public_claim_with_caveatsurface review

Observed artifacts · 10 of 10

privacy centerdata subject request portalcookie preferencesconsent managementCustomer Data Training PolicySecurity Practicessecurity txtunsupported maturityLegal HubAI Governance Hub

Top finding

high

Missing Secure SDLC

Describe the lifecycle controls that support secure development.

24 more findings
high

Missing Vulnerability Disclosure

Publish the disclosure path and safe-harbor terms together.

high

Missing Security Contact

Expose a clear public security contact or disclosure mailbox.

high

Missing Incident Response

State how incidents are detected, escalated, and communicated.

high

Missing Security Whitepaper

Provide a public security whitepaper when the product depends on trust-sensitive claims.

high

Missing Certifications

Only publish certification claims alongside a public attestation artifact.

high

Missing Security Overview

Add a concise overview of the security program and where the supporting evidence lives.

high

Missing Incident Communication

Document how customers are notified and where public incident updates live.

high

Missing Status Page

Link the status page from the trust surface if it is part of the buyer review path.

high

Missing Privacy Policy

Clarify what personal data you collect, process, retain, and disclose.

high

Missing Data Breach Notice

Explain how breach notification works and who is notified.

high

Missing Data Processing Addendum

Make the DPA request path easy to find for customers and partners.

high

Missing Subprocessors List

Publish a current subprocessor or vendor list with update cadence.

high

Missing AI Usage Policy

Explain how AI is used, reviewed, and bounded in public-facing products.

high

Missing Responsible AI Principles

Publish a short principle set that maps to actual product controls.

high

Missing Model Provider Disclosure

State which model or provider services are used and where customer data may flow.

high

Missing Prompt Logging Policy

Clarify whether prompts, conversations, and outputs are logged or retained.

high

Missing Model Card or System Card

Publish a model or system card if the site makes substantial AI claims.

high

Missing AI Evaluation or Safety Report

Provide a public evaluation or safety summary when AI claims are central.

high

Missing Transparency Report

Publish a public transparency report when the product makes AI capability claims.

high

Missing Model Limitations

Describe where the model or AI system fails, degrades, or needs human review.

high

Missing Feedback and Training Policy

Explain whether feedback data is reused for training or product improvement.

high

Missing Trust Center Discoverability

Make the trust center obvious from the site surface.

high

Missing Contact Paths

Surface public trust and support contact paths in a discoverable place.

high

Missing Footer Cross-links

Add footer links that make trust artifacts easy to reach.

Dimension maturity
public surface·Public SurfaceWhether trust, legal, security, AI, and methodology pages are visible and navigable.
ai language·AI LanguageWhether AI claims are specific, bounded, and paired with review or data-use language.
legal clarity·Legal ClarityWhether privacy, terms, DPA, subprocessors, and acceptable-use surfaces are visible.
security trust·Security TrustWhether security, vulnerability, incident-response, and contact paths are documented.
consistency·ConsistencyWhether claims, caveats, and trust artifacts are coherent across pages.
remediation opportunity·Remediation OpportunityWhether the public surface makes the next improvement work obvious.

Scanned 2026-06-23 · rules vtrust-scanner-rules.v1 · 8 artifacts probed