ThreatLocker guarantees that all its products go through the most stringent quality testing processes for both security and reliability.
This document outlines the quality assurance (QA) process for the ThreatLocker Endpoint Security Product. This document aims to ensure that ThreatLocker's product is developed and delivered with the highest quality standards and meets customer requirements.
The QA process applies to all stages of development and delivery, including but not limited to product design, development, testing, deployment, and maintenance.
- Product Owner: Responsible for ensuring that the product meets customer requirements and ensuring that all stakeholders are aligned.
- Development Team: Responsible for implementing the product as per the requirements and ensuring that the code is high quality.
- Quality Assurance Team: Responsible for designing and executing test cases, reporting defects, and verifying fixes.
Responsible for implementing the product as per the requirements and ensuring that the code is high quality. This includes, but it not limited to:
- Create clean and well-maintained code that follows industry best practices.
- Review of source code by independent person before being merged into a build.
- Scan all source code for potential security vulnerabilities.
- Address and resolve the defects reported by the Quality Assurance Team
Quality Assurance Team
The Quality Assurance (QA) Team ensures all product is free from defects and verifies fixes. The QA Team operates independently from the Development Team with no direct reporting. The QA Team is responsible for the following roles:
- Requirements Gathering: The QA Team, along with the Development and Product Teams, will gather and review the product requirements to ensure that they are complete, clear, and accurate.
- Test Planning: The QA Team will create a comprehensive test plan that outlines the testing strategy, test cases, and test schedules.
- Test Design and Development: The QA Team will design and develop test cases based on the requirements and test plan.
- Test Execution: The QA Team will execute the test cases and report any defects found to the Development Team for repair.
- Defect Tracking and Resolution: The QA Team will verify the fixes and close the defects.
- Test Closure: The QA Team will review the test results and sign-off on the product's quality.
- Deployment: The product will be deployed to production after successful testing and QA sign-off.
Tools and Techniques
ThreatLocker utilizes a number of tools and techniques to ensure the highest quality is achieved in our product.
- Source Control Software for stopping the merging of code into a build until it is reviewed by an independent person.
- Requirements Management Tool for managing and tracking requirements.
- Test Management Tool for managing and tracking test cases and defects.
- Automated Testing for efficient and consistent testing.
- Performance Testing for verifying product performance and scalability.
- Security Testing for verifying product security and protecting against threats.
External Validation and Testing
- ThreatLocker engages a third-party auditor to audit ThreatLocker's quality assurance process and other processes and report finding in a SOC 2 Type II report.
- ThreatLocker engages an external company to perform vulnerability and penetration testing on all systems.
The QA process described in this document ensures that ThreatLocker is delivered with the highest quality standards and meets the requirements of the customers. By following this process, the product will be developed, tested, and deployed in an efficient and consistent manner.