What we do and how we do it matters!

HP Software is well aware of the responsibility it has to provide the best solutions possible while assuring our products are secured to provide our customers the appropriate information protection. To achieve this, HP software has adopted security industry best practices and adapted those to our own products and business processes. We have established industry leading Software Secure Design & Coding techniques and a comprehensive security lifecycle management framework to support an end to end product development & shipment.

Security Lifecycle Management framework

Security Lifecycle Management framework components

Education

Our product security lifecycle is built from grounds up - all key personnel involved in the product lifecycle are equipped with a comprehensive set of tools to deal with today's threat landscape


Requirements & planning

Define the required product security level, prepare a product security plan and high level specifications


Design

Perform a threat assessment and build product architecture & design with appropriate mitigation in place


Implementation

Build secure product implementation and perform 1st level of security testing


Verification

Verify product security posture via comprehensive and independent product security testing


Release

Perform final security validations and approve product version for release


Response

Maintain a secure product according to evolving attack trends and customers feedbacks