Veritas is committed to transparency around our development practices and management of security vulnerabilities. We put security at the core of our product development, infrastructure, and processes. Read our Vulnerability Management Commitment and Disclosure policy to learn more.
Veritas takes security seriously and prioritizes the protection of our products and enterprise assets. Our comprehensive approach ensures that we address all aspects of security to maintain a secure environment for our customers and partners. Trust Veritas to uphold the highest standards of security and safeguard your valuable assets.
Security begins in product development, where we use secure coding methods and analysis tools. Veritas products undergo penetration testing by an independent third-party firm at least annually. The Product Security Group (PSG) also conducts internal scans as part of the release of a new product version. PSG manages schedules for pen testing and internal vulnerability scans. Our Secure Software Development Framework is modeled after NIST SP 800-218, a core set of software development practices focused on mitigating vulnerabilities.
Veritas aligns to the National Institute of Standards and Technology (NIST) framework—a standard that addresses cyber resiliency as five key pillars: Identify, Protect, Detect, Respond and Recover. Ultimately, we measure ourselves with a simple question: Do our solutions and actions result in better protection of the world’s data and infrastructure?
As the threat landscape continues to evolve, you will continue to see innovation in both areas to ensure we’re driving the right outcomes with simplicity for our customers.
Veritas REDLab is a fully isolated, in-house security lab where we proactively validate our cyber resiliency capabilities, including anomaly detection, malware detection, and product security posture. We test Veritas software against the world’s worst malware so you can be confident in the ability of our solutions to protect you from unexpected downtime, data loss, and data theft.
Unmatched in the industry, Veritas incorporates data sovereignty, granular non-disruptive recovery rehearsals, and multi-cloud IT resiliency orchestration (ITRO) at scale. We use cloud service providers (CSPs) for application resiliency in our cloud services in regional, across regions, and across CSPs. Veritas cloud-native tools enable you to create services in a highly resilient fashion and ensure high levels of availability and resilience. We offer real-time status updates through our cloud service availability.
Data security is a team sport—no single product addresses all aspects of security requirements. At Veritas, we partner with the best across the industry to optimize your investment by ensuring our products not only integrate well, but also stand up to cyber attacks. We ensure minimal downtime, fast recovery rates, and seamless restore to a clean copy.
Through these strategic partnerships, we deliver industry-leading solutions across a range of areas, including: