Here at Code we take security very seriously and understand that our customers demand the highest levels with no compromise.
Our product, Clobba, is regularly subjected to penetration testing by third parties and we have just completed our latest test conducted by ECSC which Clobba passed, being free from any high risk vulnerabilities.
The purpose of this engagement was to assess and review the overall security posture presented by the Clobba application and to determine the presence of any vulnerabilities that could result in the system being compromised. During the engagement, ECSC identified several good security practices throughout the application. These practices helped mitigate multiple attack vectors, specifically vectors that exploit vulnerabilities within user input such as Cross-Site Scripting and SQL injection. In addition, these observed practices help lower the overall attack surface of the application.
In addition to the Penetration Test Code has also successfully passed the IASME Cyber Essentials accreditation which certifies that Code’s ICT defenses were assessed as satisfactory against commodity based cyber attacks.
We will continuity to prioritize our security processes both within our software and across our organizational procedures.