Application Security Testing

Application security testing occurs throughout the lifecycle. During development, code for the release is subject to continuous ongoing testing and review using methods that include commercial and in‑house automated toolsets. Manual testing, peer code reviews, and Dynamic Application Security Testing (DAST) are also part of our development testing process. These processes and tools are used to test the patches and hotfixes applicable to each supported version.

For added assurance, a third party tests every major release using a grey box methodology. Findings from this test are addressed and re‑tested as part of the release process. This ensures objective assessment of the cloud service before it is released to customers.