Software development

Polygon Labs engineering teams are trained and instructed to use secure coding guidelines and follow industry standards for secure development, such as OWASP, which provides guidelines, tools, and resources to help our developers identify and mitigate security risks.

Starting with activities such as threat modeling and risk assessments, Polygon Labs can systematically identify and prioritize potential security threats and vulnerabilities in systems and applications. These proactive measures enable us to allocate resources effectively, focusing on areas that pose the greatest risks.

Continuous integration and continuous deployment (CI/CD) activities are enforced in all code repositories, which implement automated security testing and scanning tools into the CI/CD pipeline to detect vulnerabilities early in the development process.

Following development and testing phases, all applications expected to go into production are further tested via internal or external assessments such as penetration testing, security audits, and bug bounty programs. These efforts help validate the effectiveness of our security controls, detect weaknesses, and address them before they can be exploited by malicious actors.