Q: Does AskCody have a formal set of R&D processes that information security requirements are embedded in and are they based on any industry standard or best practice?
A: New features, performance improvements, and bugfixes are deployed multiple times per week. While agile, our development cycle relies heavily on a strict system for code quality and security.
All code is peer-reviewed and requires multiple levels of acceptance on test/staging environments prior to deployment on production.
Key highlights for common questions:
- Changes are checked for security and errors via the extensive unit, integration, and static analysis tests.
- Production data is separated from development environments.
- We have completed rigorous reviews by internal security teams for multiple public companies.
- We track and trace the end-to-end R&D process and the software tools used by each open source or third-party software we use by Atlassian Jira