Development Lifecycle
Our proactive shift left approach to making security an integral part of our development process ensures we detect and address vulnerabilities and design flaws early in the development cycle. By integrating security into every stage of the development lifecycle, we improve our software quality and reduce vulnerabilities while minimizing manual intervention and potential human error.
Our Security team is involved early in the design process and identifies real and potential issues, which are logged in a ticketing system. Throughout development and before release we conduct subsequent reviews and automated scans for common vulnerabilities. Scans go beyond our own code to include third-party libraries and container images. We list any Common Vulnerabilities and Exposure (CVE) issues on our Security Bulletins along with the fix applied and any workarounds.