The Carbon Black Product Security Program secures our products from planning to development and deployment. It includes three primary components:
Product Risk Management Plan: a bottom up evaluation of the risks to product security, the mitigations in place to reduce risks and the areas we are investing to further reduce risks within our products.
Secure Development Lifecycle: activities during software development required to ensure security is deliberately considered during planning, development and release testing.
Security Response Center: monitoring for and responding to vulnerabilities in our products post-release.
A complete description is available in this technical whitepaper, including an overview of these components and the activities contained within.