Handshake has successfully completed its PCI DSS v4.0.1 assessment as a Service Provider, using the Self-Assessment Questionnaire D (SAQ-D). The assessment and resulting Attestation of Compliance (AOC) were completed by a Qualified Security Assessor (QSA) from our independent auditor.

As part of our commitment to transparency and security, we’ve made both the AOC and our PCI Responsibility Matrix available for download to our customers through our Trust Portal. These documents outline our compliance status and clarify the shared responsibilities between Handshake and our customers when handling cardholder data.

Thank you for your continued trust and support.

The Handshake Security Team.

We are pleased to inform our customers that we have successfully issued our SOC 2 report for Handshake Education and Handshake Basic, Plus, Talent Engagement Suite and Talent Essentials system. The report was designed and implemented throughout the period March 1, 2024 to February 28, 2025, in accordance with the description criteria. This achievement underscores our ongoing commitment to maintaining the highest standards of data security and privacy. For more details, please visit our Trust Portal.

Thank you for your continued trust and support.

The Handshake Security Team.

Handshake Latest Penetration Test Results

Dear Valued Customer,

We are pleased to announce the results of our latest penetration test, conducted in the second quarter of 2025. The assessment aimed to identify potential vulnerabilities and ensure the security of our systems. A letter of attestation can be downloaded from our trust portal.

Key Findings

• No Critical or High Findings: The penetration test revealed no critical or high-risk vulnerabilities that remain unaddressed.

Commitment to Security

At Handshake, we prioritize the security of our systems and data. Regular penetration testing is a key component of our proactive security strategy. We continually monitor and enhance our security practices to protect against emerging threats.

Thank you for your trust in us!

Best regards,

Handshake Security Team.

Successful Completion of PCI Audit and Availability of AOC.

Dear Valued Customer,

We are excited to inform you that we have successfully completed our PCI audit and have received our Attestation of Compliance (AOC) from our Qualified Security Assessor (QSA). This achievement demonstrates our commitment to maintaining the highest standards of security and compliance. To provide you with the utmost transparency and assurance, we have made the AOC available on our customer trust portal. Alongside the AOC, you will also find our responsibility matrix, which outlines the roles and responsibilities regarding our compliance efforts.

We understand the importance of security and compliance in your business operations, and we are dedicated to continuously improving our processes to meet your needs. Should you have any questions or require further information, please do not hesitate to reach out.

Thank you for your trust and partnership.

Best regards,

Handshake Security Team.

We want to address a recent security incident involving the company Snowflake. Please rest assured, Handshake does not use Snowflake and is not affected by this incident. We are keeping an eye on the situation. At Handshake, the security of your data is our priority.