All of our applications go through regular automated security testing which starts with Static Code Analysis to identify any security flaws. Our product teams then performs Dynamic Application Security Testing (DAST) on an application before any automated penetration testing (PEN) is conducted by third party cyber security specialists.
Combined together, these all help identify any potential security vulnerabilities which may have been introduced during the development cycle. Any P1 security issues found are fixed immediately by the specific Hexagon ALI Product Team. The product will not release until all vulnerabilities above a given threshold are resolved.