|Applies To||RSA Product Set: Web Threat Detection|
RSA Product/Service Type: Forensics
RSA Version/Condition: 5.0 - 6.2
|Issue||For our Customers' organizational security compliance they may need evidence that RSA develops secure applications and that build-organized and structured code based on programming guidelines is in place. Our Customers may inquire whether RSA uses a Secure Product Development Lifecycle process for Web Threat Detection – and to provide documentation that describes this. |
|Resolution||RSA Product Management has confirmed that RSA follows SDLC Guidelines, but there is no specific document for WTD. |
From the RSA Director of Information Security--
"RSA follows EMC’s Secure Development Lifecycle process. Public-facing information on that can be found at: https://www.emc.com/products/security/secure-development.htm."