Security

We are following secure software development standards, and modern security practices when building infrastructure and systems. We are aiming to constantly apply principles such as least privilege, zero trust, defense in depth, and shift left. We are also aiming to automate as much as possible, and to have a clear audit trail of changes. This is to ensure that we can quickly identify and respond to security incidents, and to ensure that we are compliant with any relevant regulations.

Shift left principles

We are following the shift left principle when it comes to security. This means that we are aiming to catch security issues as early as possible in the development process. This is to ensure that we are not introducing security vulnerabilities into our codebase, and to ensure that we are not introducing security vulnerabilities into our infrastructure. We are doing this by using automated security testing tools, and by having security reviews of our code and infrastructure. This can be seen in the SAST section.

Shift left principles​

Shift left principles