Security Scanning

During development of Data and AHD, scans and tests are continuously run to ensure that the security best practices are respected and that there are no new vulnerabilities.

These controls are run using industry standard tools.

When a new vulnerability is found by any of the security tools used, a new Data patch release is promptly created by Smeup LAB and made available for all users. All Data instances that have Continuous Deployment configured will automatically be updated to the new, secure release.

Dependabot

Dependabot is used to automatically detect dependencies that have known vulnerabilities.

OWASP ZAP

ZAP is used to assess and test Data to discover security risks and vulnerabilities.

AWS Inspector

AWS Inspector performs continuous scans of the container images used by Data, ensuring that not only our own software, but the entire supply chain is secure.

Dependabot​

OWASP ZAP​

AWS Inspector​

Dependabot

OWASP ZAP

AWS Inspector