Request demo

Security in Software Development at SmartWinnr

How does Security fit into SmartWinnr software development life-cycle?

Agile processes usually do not have distinct SDLC phases, and this inhibits superposition of older, traditional approaches to gating releases through security checkpoints.

At the same time, agile workflows let us fix any vulnerabilities quickly, especially in our cloud services. We have a strict internal policy on timeframes for fixing any security issues that have been found.

What security reviews are undertaken before release of new code?

We continously assess the security of all our products.

Developers conduct code reviews regularly, pre-commit and post-commit in some cases, although these reviews are not specifically security-targeted. The SmartWinnr Security team performs regular targeted code reviews, manual and tools-assisted. From time to time, we engage 3rd party auditors to do wide-scope security reviews for all our products.