Source Code Protection. Provider shall protect source code from various security risks, including outsider and insider threats. Provider will implement a layered security approach such as, but not limited to a) defining a set of rules, requirements, and procedures for handling and protecting code, b) use source code security analysis tools, such as Static Application Security Testing (SAST), to detect security flaws and other issues during development, c) define who is allowed to access source code, codebase and source code repositories, d) encrypt confidential and sensitive data both in transit and at rest, e) implement network security solutions such as firewalls, Virtual Private Networks (VPN), anti-virus, and anti-malware software as basic protections, f) secure the endpoints or entry points of end-user devices with endpoint security software, and g) ensure that all concepts and inventions related to software are protected by copyright law and necessary patents.
Appears in 2 contracts