The following information is found in the online product documentation under SDLC and SDL.
The Recovery Manager for Active Directory team follows a strict Quality Assurance cycle.
- Access to source control and build systems is protected by domain security, meaning that only employees on Quest’s corporate network have access to these systems. Therefore, should a developer leave the company, this individual will no longer be able to access source control and build systems.
- All code is versioned in source control.
- All product code is reviewed by another developer before check in.
In addition, the Recovery Manager for Active Directory team follows a managed Security Development Lifecycle (SDL) which includes:
- MS-SDL best practices.
- Threat modeling.
- OWASP guidelines.
- Regularly scheduled static code analysis is performed on regular basis.
- Regularly scheduled vulnerability scanning is performed on regular basis.
- Recovery Manager for Active Directory has been validated in a Secure Technical Implementation Guidelines (STIG) environment. See Security Technical Implementation Guides (STIGs) for more information.
Recovery Manager for Active Directory developers go through the same set of hiring processes and background checks as other Quest employees.
