Development Security & Security Testing
- Secure coding is critical to product and service security.
Secure Coding Standards
To prevent, detect, and eliminate errors that may damage software security, we require developers to strictly comply with Huawei's secure coding specifications. Our developers all required to learn and are tested on these specifications before onboarding.
Static Code Scanning
We use scanning tools to regularly check static code and ensure there are no red flags before we release cloud services. This effectively reduces coding-related security issues.
- Security tests can identify security risks of your products and is indispensable to security assurance.
We use self-developed security testing tools to check cloud services against security requirements identified in the design phase, during penetration testing, and against recognized industry standards. To ensure that the security requirements are met, cloud services must undergo multiple rounds of testing before they can be released.