Security is at the heart of what we do
—helping our customers improve their security and compliance posture starts with our own.
We perform penetration testing internally for our production systems, including black-box, gray-box and white-box types of testing. We also order external penetration testing periodically.
All areas of our product and cloud infrastructure are in-scope for these assessments.
We employ vulnerability scanning at multiple stages of our Secure Development Lifecycle (SDLC):
Static analysis (SAST) at build time.
Software composition analysis (SCA) to identify known vulnerabilities in our software supply chain.
Network vulnerability scanning on a periodic basis