Hopr employs continuous security testing from initial development and throughout the CI/CD lifetime of its product lines. In addition to GitLab’s state-of-the-art secure software development tools, GitLab’s code scanning processes, such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, and Dependency Scanning, can quickly identify the latest known security vulnerabilities in Hopr’s product code throughout the DevSecOps cycles.
What happens if identical sidecars do not build identical keys?
Without successful decryption, a received message will fail. One reason this could happen is that the dynamic source data used by the CHIPS™ algorithm has changed between the time the client and server keys are built. If this occurs with a trusted workload, then the sidecars re-build the keys and try the messaging again. This is only an issue at the start of a session and rarely occurs.
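The rebuild-and-retry behaviour described above, as an added illustration that is not Hopr's code: the key builder is an assumed HMAC-SHA256 stand-in (the CHIPS™ algorithm is not described on this page), the cipher is a toy encrypt-then-MAC in place of a real AEAD, and `DynamicSource`, `send_with_rebuild`, the shared secret and the retry limit are hypothetical. The retry limit is what makes a peer that can never build the matching key fail instead of looping.

```python
import hashlib
import hmac
import os

class DynamicSource:
    """Constructed stand-in for the changing source data both sidecars read."""
    def __init__(self):
        self.value = 0
    def read(self) -> bytes:
        return self.value.to_bytes(8, "big")
    def advance(self) -> None:
        self.value += 1

def build_key(secret: bytes, dynamic: bytes) -> bytes:
    # Assumed key builder (not CHIPS): HMAC-SHA256 over the dynamic source data.
    return hmac.new(secret, dynamic, hashlib.sha256).digest()

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from the session key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor(data: bytes, enc_key: bytes, nonce: bytes) -> bytes:
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC, standing in for a real AEAD cipher.
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    body = nonce + _xor(plaintext, enc_key, nonce)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_sealed(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("decryption failed: keys do not match")
    return _xor(body[16:], enc_key, body[:16])

def send_with_rebuild(client_secret, server_secret, source, message,
                      race_on_first=False, max_attempts=3):
    """Return (plaintext, attempts). Rebuilds both keys after a failed decryption."""
    for attempt in range(1, max_attempts + 1):
        client_key = build_key(client_secret, source.read())
        if race_on_first and attempt == 1:
            source.advance()  # source data changes between the two key builds
        server_key = build_key(server_secret, source.read())
        try:
            return open_sealed(server_key, seal(client_key, message)), attempt
        except ValueError:
            continue  # mismatch: loop back and build fresh keys
    raise ConnectionError(f"no matching keys after {max_attempts} attempts")
```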
How are Hopr’s product SBOMs created and maintained?
Hopr’s product SBOMs are automatically generated by including Gemnasium scanning through a GitLab-provided template. GitLab generates the SBOMs in CycloneDX JSON format, an industry standard, which is then parsed by the Rezilion integration and shown in the GitLab user interface.