The following outlines the processes at Digizuite addressing security but details are by design omitted and it is not the full exhausted list of initiatives.a. Before all releases – major and minor – a
Penetration Test
A penetration test is performed yearly by a 3rd party under the supervision of Digizuite’s security officer. Releases do not pass if there are critical, high, or medium issues identified which are not assessed and handled.
Critical and high - issues are Issues tagged as “low” (or similar) are assessed and a) added to the development backlog or b) addressed immediately.
b. Before all releases a static code analysis is performed using a 3rd party tool with focus on:
...