Secure Code Training
At least annually, LMS365 software engineers participate in secure coding training covering OWASP Top 10 security risks, common attack vectors, and Azure security controls.
Framework Security Controls
LMS365 leverages the latest Microsoft .Net core and modern and secure open-source frameworks with security controls in place to limit exposure to OWASP Top 10 security risks. These inherent controls reduce our exposure to SQL Injection (SQLi), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), among others.
Our Quality Assurance (QA) department reviews and tests our codebase. Dedicated application security engineers on staff identify, test, and triage security vulnerabilities in code.
Development, testing, and staging environments are logically separated from the LMS365 Production environment. No customer data is used in any of our development and/or test environments.