Responsible disclosure
We appreciate your help in reporting security vulnerabilities and have established a Responsible Disclosure Program to collaborate with security researchers. If you discover a bug, please report it to security@biorender.com.
Code analysis & application security
To ensure the security and dependability of our digital solutions, BioRender has implemented a comprehensive App Security Policy with the following key components:
Security best practices
- Visibility: We prioritize transparency in our software components by providing detailed information about our security procedures and tools.
- Automation: We utilize automation for critical security operations, including vulnerability scanning and efficient management of security tools.
- Risk Insights: Our approach generates crucial insights into potential risks, allowing for informed security decisions.
Security measures
As part of our commitment to security, we have implemented several key measures:
- CI/CD Security Posture: Continuous monitoring across the development pipeline ensures that security teams can address potential cyber threats proactively.
- Security Tools Marketplace: We provide a platform for seamless integration of both open-source and commercial security tools.
- Software Composition Analysis (SCA): Our security program scans software components to identify vulnerabilities, assessing their severity and potential impact.
- Secrets Data Management & Detection: We monitor and protect sensitive credentials, including passwords and API keys, embedded in our software code.
- Security for Containers: Routine scanning of container images helps identify vulnerabilities and apply necessary fixes.
- DevSecOps Consulting: We continuously improve DevSecOps methodologies to enhance our software security posture.
Credential management
We manage all sensitive credentials using AWS Key Management Service (AWS KMS) and implement key rotation best practices to enhance security.
Vulnerability & patch management
To mitigate security risks, we apply software patches and updates within industry-standard SLAs, based on severity. Our Vulnerability Management Database tracks all vulnerabilities to ensure proper assessment and remediation.
Need help?
For additional guidance on security assessments and compliance best practices, visit our Trust Center or reach out to our support team:
- Email support: support@biorender.com
- Live chat: Click the "Help" bubble in the bottom right-hand corner of the app.