Demo Software Company

This store is used for testing purposes only; products associated with this company are not real.
Security Self-Assessment Q & A
The self-assessment is intended to give potential customers some peace of mind about the safety of the software they purchase. Tridium does not verify the answers to this questionnaire, and a self-assessment security badge is issued based solely on the answers to these questions. Customers who would like additional assurance about the safety of a listing are encouraged to take additional steps to ensure safety.

Q. Do you document and perform quality and cybersecurity reviews and testing, including vulnerability scanning covering static, dynamic, and secure code testing using best practices prior to release?

A. the

Q. Do you warrant that products have been developed in accordance with principles of secure software development best practices such as OWASP, CSA & IEC62443 including security design review, secure coding practices, risk-based testing?

A. done

Q. Do you perform audits or other reviews of your software to warrant that security controls are being implemented and operating effectively? If not, please explain.

A. completed

Q. Do you have a publicly documented process for managing security vulnerabilities in your application(s)? What is your process for managing and communicating security vulnerabilities in your application?

A. testing

Q. If compliant on previous question, do you warrant that all vulnerabilities rated critical and high have been remediated before making your product available on the Niagara Marketplace?

A. no

Q. Do you warrant you have removed unnecessary features, components, back doors, files, protocols, and ports from your software or product you are offering through the Niagara Marketplace? That is, does it weaken the Niagara Framework?

A. nooo

Q. Do you have formal change control and release management processes to manage code changes?

A. for

Q. Do you perform Input Data Validation checks on your product to verify that the inputs (e.g., character set, length, numerical range, and acceptable values) match specified definitions for format and content to prevent injection attacks?

A. data

Q. Do you monitor for known vulnerabilities from common sources such as OWASP, CVE, NVD, etc. and apply recommended patching to your product? Also, do you maintain an up-to-date security vulnerability management plan for all your software products?

A. done

Q. Are your products digitally signed?

A. Products

Q. Is the Open Source Software (OSS) appropriately licensed for use in your product to be offered on the Marketplace? If so, please provide a list of open source software (OSS) and versions utilized in your project.

A. open

Q. Are all personnel required to sign Non-Disclosure Agreements (NDA) or Confidentiality Agreements (CA) as a condition of employment to protect customer information?

A. are

Q. Are all of your developers trained on secure SDLC practices?

A. all
