At Raidboss, we care a lot about the security and process of vulnerability management. We defined a formal process to deal with vulnerabilities no matter what is the source and how it was identified.
Below are the key steps of our process that helps us reduce the frequency of vulnerabilities arise and mitigate an affected area.
Identifying
This step entails manual routines and a set of automated tools to test vulnerabilities our systems at all levels. Both approaches are the part of our daily development process.
Evaluating
Once issue is reported our security team analyzes the impact and prepares a plan of immediate actions to mitigate risks immediately and a plan of internal research to find out the root cause in the development process which made this vulnerability possible.
Remediating
Based on the plan from the previous step, we apply immediate actions to mitigate the risk as soon as possible.
After the issue been fixed, we start an internal procedure to make a consistent and reliable changes in our development process to reduce the risk of new vulnerabilities.
Reporting
We believe transparency is a key element of healthy relationships with our customers.
Therefore we communicate all the details closely to customers affected by the particular incident.
Contact us at security@raidboss.io in the case of any security-related questions.