Home > Support Docs >
TopBraid Enterprise Data Governance (EDG) Security
TopQuadrant Vulnerability Management and Security Policies
TopQuadrant maintains SOC 2 Type 2 Compliance
Open Source Software |
TopQuadrant maintains a current list of open source software used in EDG available here. TopQuadrant updates these libraries regularly to ensure the most current security patches are applied. |
Scans |
TopQuadrant code base is continually monitored for known vulnerabilities. Prior to releases, a complete scan is done as well. Please contact TopQuadrant support for copies of this report. |
Response |
All vulnerabilities are analyzed for impact and severity. If a vulnerability is found to be critical in the context of normal operation of the software, it will be remedied with a patch or new release or mitigation controls. Non-critical vulnerabilities will be remedied in the following release. |
Notification |
Customers will be notified through TopQuadrant support if critical vulnerabilities are found that will have an impact on the software and its use by customers. |
Reporting |
Customers are encouraged to contact TopQuadrant at security@topquadrant.com to report any security concerns or questions regarding TopQuadrant software. |
Below are the CVEs addressed with TopQuadrant’s latest release as well as historical data.
You can find more information in the release notes and corresponding change logs.
