strongDM hires an independent firm to conduct penetration tests of our platform and APIs at least annually. Any items identified during a test are evaluated and scheduled for remediation as needed, in keeping with our vulnerability management policies.
Incident Response Drills
We conduct quarterly incident response drills to make sure we're ready if we ever need to respond to an actual incident. Feedback is reviewed and incorporated into our procedures after each drill to help us continuously improve our posture.