Today, we are thrilled to announce that the 18.4.4 version and all successive versions of the UiPath Platform have been certified as meeting the highest level of the Veracode program Verified Continuous. This validates that our software development processes include comprehensive and mature security practices. Additionally, our participation in the Veracode program ensures that the UiPath Platform meets an exceptionally high standard of application security.
Robotic Process Automation (RPA) inherently deals with confidential business data, regardless of whether the technology is deployed within a medium-sized medical practice or a global financial services firm.
In automating everyday business processes such as transferring files, processing orders, and running payroll, software robots process information from various databases and log into different accounts using supplied passwords. This means an automation platform has access to a variety of information (inventory lists, credit card numbers, addresses, financial information, passwords, etc.) about your employees, customers, and vendors.
Thus, for many companies automating business processes security is one of the biggest concerns. From the beginning, the UiPath Platform has been built with defense-grade security and auditing including role-based access control (RBAC), Encryption Everywhere, and Veracode certified code. Our technology is already trusted as secure by 60+ government agencies and thousands of commercial customers.
Organizations that have their secure development practices validated and their application accepted into the Verified Continuous Tier have demonstrated that the following security gates are implemented into their software development practice:
- Assesses first-party code with static and dynamic analysis
- Provides developers with guidance on how to remediate flaws which have been introduced
- Assesses open source components for security vulnerabilities
- Manual Penetration Testing (MPT)
- Documents through policy that the application is compliant when there are no vulnerabilities medium or above
- Integrates security tools and processes into development workflows
- Provides secure coding training to the development team and advanced secure coding training to an identified security champion on the development team
This Verified Continuous accreditation, from a leading provider of application security, adds another validation for UiPath’s ongoing commitment and market leadership to defense-grade security.
Valentin Lupu is the Application Security Program Manager at UiPath.