What we do and how we do it matters!
HP Software is well aware of the responsibility it has to provide the best solutions possible while assuring our products are secured to provide our customers the appropriate information protection. To achieve this, HP software has adopted security industry best practices and adapted those to our own products and business processes. We have established industry leading Software Secure Design & Coding techniques and a comprehensive security lifecycle management framework to support an end to end product development & shipment.
Our ISO 27001:2013 certification demonstrates that we implement and maintain the highest security standards in our Enterprise Software Security Center to assure secure delivery of our software products.
Security Lifecycle Management framework
Security Lifecycle Management framework components
Our product security lifecycle is built from grounds up - all key personnel involved in the product lifecycle are equipped with a comprehensive set of tools to deal with today's threat landscape
Requirements & planning
Define the required product security level, prepare a product security plan and high level specifications
Perform a threat assessment and build product architecture & design with appropriate mitigation in place
Build secure product implementation and perform 1st level of security testing
Verify product security posture via comprehensive and independent product security testing
Perform final security validations and approve product version for release
Maintain a secure product according to evolving attack trends and customers feedbacks