3 Ways Inkscreen Helps to Prevent Software Supply Chain Attacks
Josh Bohls
The SolarWinds SUNBURST breach has turned a spotlight on all software vendors, Inkscreen included, and how the industry handles the complicated business of software development and maintenance. We take our customers' trust very seriously, and since the inception of our company we have taken measures to ensure that we are never the weak link in their web of critical software systems. Here are a few things we do to maintain your trust.
1) Veracode. We have partnered with Veracode since 2014 to run regular scans of our applications to check for any potential vulnerabilities. We have consistently maintained a score of 99 or 100, earning us the “Veracode Verafied” designation. This extra step adds significant time to our release schedule, and the service represents a large cost to our operation; however, it allows us to publish software updates with a high level of confidence that we are not introducing some kind of threat to our customers.
2) No development shops. Outsourcing software development to big offshore or near-shore development shops is extremely common and can save a publisher a great deal of money. The problem with this approach is that you have very little control over who is actually contributing to your codebase, and this makes us uncomfortable. We do outsource some of our work, but only when we can work directly with the individuals working on the project. This is not an indictment of using outsourced dev teams; it’s just not the way we do business.
3) Background checks. This leads me to the third and final point. We run detailed background checks on everyone who contributes to our application development efforts and we have done so since 2013.
We know we are still at risk of making mistakes, but we have always placed and will always place a strong priority on ensuring the software we release to the world does no harm to our customers and does not introduce risk to their data and operations.