Software Security Process

Does Elasticsearch have a document/link that describes the steps an Elasticsearch release goes through (source scanning, penetration testing, etc) to detect software vulnerabilities in its code and the code of its dependencies?

I've reviewed the Elasticsearch Security and Compliance page; however, this doesn't mention directly anything about this aspect of security. Possibly it is covered by one or more of the existing Elasticsearch certifications.

It'd be best to reach out to, they will be able to help you :slight_smile:

Thanks Mark, I'll do that.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.