The product shall be designed, developed and produced:

  • With an appropriate level of cybersecurity based on risk assessment (“secure by default”)
  • To limit attack surfaces, including external interfaces
  • To reduce the impact of incidents through effective mitigation measures

The product in operation at the customer site shall:

  • Record and/or monitor relevant internal activity (including access to data)
  • Report data corruption
  • Receive security updates to address vulnerabilities (patching for five years or for the product life cycle if shorter)

Our internal cybersecurity measures include, but are not limited to:

  • Security teams in all regions
  • Security Operations Center
  • Advanced endpoint protection
  • Encrypted storage and traffic
  • Real time traffic monitoring
  • Advanced firewalls
  • Spam filter and suspicious mail reporting
  • Internal and external penetration testing
  • Network scanning tools
  • End-user training and education 

Our product security measures include, but are not limited to:

  • Secure-by-design policies, processes and best practices
  • Product Security Incident Response Team (PSIRT) and Open Source Compliance Officer (OSCO)
  • Partnership with CERT@VDE for security advisories
  • Product Security Subject Matter Experts (SMEs) within R&D Teams
  • Software Composition Analysis (SCA), source code quality scanning, Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST) and penetration testing (both internal and by third parties)
  • Secure-by-design training courses for R&D teams 
我想...
需要帮助吗?
我们的顾问很高兴为您提供服务.