Security has always been at the forefront of ManageEngine's priorities. With this agenda on our minds, the development process of ADSelfService Plus includes multiple stringent security measures to ensure that the solution stays secure and strong while effectively catering to the security requirements of your organization.
The ADSelfService Plus team has a rigorous testing process to identify security issues at every stage of the solution's development. We make sure to fix any issue reported as soon as possible, whether it is identified by our internal teams or external communities, experts, or organizations such as Veracode, who we have partnered with to conduct manual pen tests on ADSelfService Plus.
Here's how we prevent vulnerabilities during the product development cycle:
ADSelfService Plus has a team of security experts who follow various security procedures at different stages of feature development to ensure that the product is secure against cyberattacks. We perform the following tests based on the standards advised by the Open Web Application Security Project.
Besides the ADSelfService Plus security team, there's also a dedicated security team at ManageEngine whose goal is to ensure that all ManageEngine products comply with stringent IT security norms. The ManageEngine security team performs the following tests on ADSelfService Plus before every release:
Apart from the procedures mentioned above, we also conduct bug bounty programs where individuals or groups from within ManagEngine or external people, communities, and security experts can notify us if any vulnerability in our solutions has been identified. We will immediately begin working on developing and releasing a fix for the vulnerability in such cases. Here's what we do if a vulnerability is reported:
The ADSelfService Plus team has partnered up with Veracode, an independent application security company, to conduct manual pen tests on ADSelfService Plus so that we get a third-person perspective on the security footing of the solution. The company will also conduct these tests yearly on our mobile apps for iOS and Android.
When we release vulnerability fixes, there are several ways we let customers know:
Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here