July 7, 2021

LMS365 Strengthens App Security by Achieving the Highest Veracode Certification

LMS365 is dedicated to becoming the trusted SaaS learning platform by creating software free from security vulnerabilities with secure coding practices and strong development processes. As part of our commitment to security, we are excited to share that LMS365 is now verified by 3rd party security experts Veracode, reaching the highest level of the Verified program, Veracode Verified Continuous.

As cybercrime becomes a rising threat for organizations around the world, LMS365 has partnered up with Veracode to continuously ensure that our application security is of the highest level, making LMS365 safe to use for all customers and partners.

Veracode, the leading AppSec partner for creating secure software, can ensure that weaknesses and vulnerabilities in the software application are identified and dealt with early in the development cycle, therefore preventing serious security breaches.

 

“Our customers have ever-increasing demands for app security, and we are very committed to protecting their data. The Veracode certification is the latest milestone in our continued efforts in securing our LMS365 app and customers can be confident that security is a top priority for us – and now, it’s backed by one of the most trusted names in the industry.”

Freddy Bang, VP R&D, LMS365

 



What is Application Security?

Application security (AppSec), different from information security, happens in the software development lifecycle (SDLC), which includes stages like design, coding, testing, and maintenance.

The Veracode Verified Continuous builds on the security processes embedded in the development life cycle from the Verified Team and includes the following 3 steps:

  • Static Analysis Security Testing (SATS): This step scans and review the source code directly within the Integrated Development Environment (IDE) Visual Studio and the Azure DevOps build pipeline used by the LMS365 development team and helps ensure that secure coding policies are enforced. SATS provides automated feedback and prevents new and existing code with any known security vulnerabilities from being added to the LMS365 environment.
  • Software Composition Analysis (SCA): This step involves the management of security & license risk of the third-party components used in the LMS365 product. Veracode SCA finds open source dependencies for known vulnerabilities and provides update recommendations for the third-party libraries when required to avoid vulnerabilities and hereby reduce the risk of data breaches.
  • Dynamic Analysis Security Testing (DAST): This step involves an automated penetration and continuous scanning of the fully compiled or packaged software, configurations and settings running regularly as part of the LMS365 Software release cycle. The Veracode DAST engine stays up to date on cybersecurity patterns and hackers’ behavior to identify any new potential risks.

If an incident is being detected, the LMS365 Team receives a report and often commits to resolving the issue within 7 days.

A Commitment to Application Security

LMS365 will be validated and monitored by the latest technology from Veracode on an ongoing basis, which demonstrates a commitment to application security for all LMS365 customers.

 

“Knowing our applications are Veracode Verified out-of-the-box saves considerable time and effort to lock down our solution and validates the level of security that the LMS365 Development Team have incorporated into our development processes. Working with Veracode, has also been very helpful for meeting the requirements in the Microsoft 365 Certification process.”

Freddy Bang

 

The team at LMS365 knows that customers want applications that are secure and safe. LMS365 is committed to keeping the highest security level with Veracode, a process that holds the LMS365 team accountable to experts in the field of app security.

Find LMS365’s listing in the Veracode Directory here.