trust
secure-sdlc
Secure development icon

Secure Development Lifecycle

Secure Development Lifecycle

Security-focused engineering practices across design, build, and release.

Security-focused engineering practices across design, build, and release.

Applies to

Security Program

Domain

Product Security

Contact

security@oxvo.com

Overview

A secure development lifecycle (SDLC) reduces risk by building security into how software is designed, reviewed, and shipped. OXVO's SDLC emphasizes review, testing, and controlled changes to production systems.

Controls & Practices

- Peer review for code changes (implementation dependent) - CI checks before release - Principle of least privilege for deployment access - Recommended: use separate environments for testing and production

More trust controls

Browse related security, privacy, and reliability controls across OXVO.

Multi-factor authentication icon

Multi-Factor Authentication (TOTP)

Require a second factor to reduce the risk of account takeover.

Single sign-on icon

Single Sign-On (SAML 2.0)

Centralize authentication and offboarding through your identity provider.

SCIM provisioning icon

SCIM Provisioning (Enterprise)

Automate user lifecycle management from your identity provider.

Role-based access control icon

Role-Based Access Control (RBAC)

Apply least-privilege access across admin, agent, and analyst workflows.

Audit logs icon

Audit Logs

Track security-relevant actions and configuration changes across your workspace.

API token icon

API Tokens & Scoped Keys

Issue scoped access tokens for integrations with rotation and revocation.

Multi-factor authentication icon

Multi-Factor Authentication (TOTP)

Require a second factor to reduce the risk of account takeover.

Single sign-on icon

Single Sign-On (SAML 2.0)

Centralize authentication and offboarding through your identity provider.

SCIM provisioning icon

SCIM Provisioning (Enterprise)

Automate user lifecycle management from your identity provider.

Role-based access control icon

Role-Based Access Control (RBAC)

Apply least-privilege access across admin, agent, and analyst workflows.

Audit logs icon

Audit Logs

Track security-relevant actions and configuration changes across your workspace.

API token icon

API Tokens & Scoped Keys

Issue scoped access tokens for integrations with rotation and revocation.