HCL Software is committed to delivering products which meet the stringent U.S. Federal government standards for secure supply chain. HCL Software has a U.S. Federal Government approved Product Integrity Policy. The policy is enforced by HCL’s U.S. Federal Government approved security officer, and U.S. Federal government approved 3rd party monitor. Elements of the policy include the following:
- • Source code, build and publication servers are housed in the U.S. and managed by authorized U.S. citizen personnel.
- • All released software has undergone HCL’s secure code scans with sign off from authorized U.S. citizen personnel.
- • Annual penetration testing with sign off from authorized U.S. citizen personnel.
- • On a quarterly basis a U.S. Federal Government approved third-party monitor performs software integrity testing.
For a more detailed view on HCL Software secure supply chain, please contact ImmixGroup