The Wondaris platform is routinely monitored for vulnerabilities - at a code level (via static code analysis & dependency analysis), infrastructure level (via GCP security scanning), and via automated network & server scanning.
We run automated monthly penetration tests via our chosen provider Intruder.io
. These scan over 10,000 known vulnerabilities in our public and private services, using industry-leading scanning engines. It scans for vulnerabilities such as misconfigurations, missing patches, encryption weaknesses, and application bugs in unauthenticated areas. On top of the monthly scans, emerging threat scans are run on-demand when threats are listed as Common Vulnerabilities and Exposures (CVEs) and can be tested for - these are often multiple times per week (sometimes multiple times a day!).