Aspose App Security
Supply Chain Risk
The policy outlines the strategies Aspose employs to mitigate risks associated with internal processes that support software development, API provision, product delivery, and the use of open-source software components. Aspose’s APIs enable developers to manipulate various file formats across multiple platforms without relying on third-party proprietary software. This policy ensures the continuous and secure delivery of Aspose’s software products by managing internal, operational, and open-source software risks. read more
Software Bill of Materials (SBOM)
This document outlines the direction Aspose needs to take as a software producer and consumer to enhance transparency and, more importantly, gain visibility into the security of our software supply chain. Aspose is assessing a rapidly evolving regulatory environment with references to SBOM requirements in numerous draft laws, U.S. and international executive orders, customer requests, and various community standards and specifications. read more
Third Party Risk Management
Aspose Pty Ltd recognizes the critical role third-party relationships play in the development, delivery, and support of its self-hosted software products. This Third Party Risk Management (TPRM) policy establishes a structured approach to managing risks associated with these relationships, ensuring product security, operational resilience, and scalability. read more
Vulnerability Management Policy
The purpose of this policy is to establish a structured and effective approach to managing vulnerabilities within Aspose’s software products. This policy aims to ensure timely identification, assessment, and mitigation of security risks, safeguarding the security and integrity of Aspose’s offerings and protecting customers’ data and privacy. read more
Secure Software Development Lifecycle
This policy establishes a secure software development process that minimizes risks, aligns to regulatory and industry standards (GDPR, HIPAA, ISO 27001), and integrates security practices at each stage of the SDLC. read more