Vulnerability Scanning. Coinbase employs security best practices to ensure that the Services are secured, updates to its primary services do not introduce new vulnerabilities, and that new services have been sufficiently analyzed for and defended from potential vulnerabilities. Coinbase supplements its day-to-day security practices, including architecture reviews, with regular vulnerability assessments and audits, including (1) automated scans of all code and applications where possible to identify vulnerabilities before ever being introduced to Coinbase’s environment; (2) once services are deployed, implementing continuous monitoring to promptly assess and react to any potential vulnerabilities; and (3) regular evaluation by independent third parties. Critical software patches are evaluated, tested and applied proactively. Penetration Testing. Coinbase performs penetration tests and engages independent third-party entities to conduct application-level penetration tests on an annual basis at minimum. Results of penetration tests are prioritized, triaged, and remediated promptly by Coinbase’s security team according to established SLAs.
Appears in 12 contracts
Sources: Coinbase Prime Broker Agreement (Grayscale Chainlink Trust (LINK)), Coinbase Prime Broker Agreement (Grayscale Dogecoin Trust (DOGE)), Coinbase Prime Broker Agreement (Grayscale XRP Trust)