Policy & principles
Software is built under our Secure Development Policy and documented secure engineering principles.
Code & change controls
- All code is managed in a version control system, with MFA enforced for access.
- Changes go through peer code review, and security impact is considered in merge requests.
- A documented change management procedure governs how changes are planned, tested and released, and changes affecting the ISMS follow a change planning and implementation process.
Environments
Development, test and production environments are separated, and production data is not used in test environments.
Request the Secure Development Policy under NDA