Throughout the product development lifecycle, application security is continuously tested and
improved.
Jive Software audits all new feature designs for high-level security considerations.
Implementations of these features are validated for potential security issues throughout
the development phase. Existing features are audited for security vulnerability
regressions. Application-wide audits are performed to ensure that feature integration is
secure. Third-party components used by Jive are researched and
tracked over time for vulnerabilities and license compliance.
Development includes the following security checks:
- Source code reviews - if you'd like to see screenshots from our source code
review tool, contact your Jive Software representative.
- Automated penetration testing - each release of the application is tested with
IBM's state-of-the-art security product, AppScan. In addition, we offer AppScan
test results from your instance. Contact your Jive Software representative about
this service.
- Vulnerability management - Jive Software relies on its own documented release
procedure to manage vulnerabilities, which includes a timeline for fixing
issues, communicating them to customers, and providing patches.
- Third-party audits - Jive Software performs annual audits across the core
product for each hosted service, including black box and white box analyses. If
you would like to see these reports, please contact your Jive Software
representative.