HCL Software is committed to delivering secure products to our customers. In support of this commitment, we have long utilized an Information Security Management System (ISMS) to drive consistency in approach across all of our products and services, per the ISO/IEC 27001 standard. For more information about HCL Software certifications and the ISMS, visit https://www.hcltechsw.com/wps/portal/legal/compliance. 

In our development processesall production software and content releases undergo the secure final mile process prior to release which includes PenTest+ penetration testing, static and dynamic scans, open source scans and 3rd Party Vendor Ethical hacking to ensure the security and integrity of the BigFix product. 

We are committed to delivering products which meet the stringent U.S. Federal government standards for secure supply chainHCL Software has a U.S. Federal Government approved Product Integrity Policy. The policy is enforced by HCL’s U.S. Federal Government approved security officer, and U.S. Federal government approved 3rd party monitor.  

 BigFix is compliant with: 

  • Common Criteria – is an international standard for computer security certification. It is used as the basis for a government-driven certification scheme. Evaluations are typically completed for the use of Federal Government agencies and critical infrastructure.  
  • ISO 20243 – a framework to address the problem of maliciously tainted and counterfeit products. It is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software products throughout the product life cycle. For more information, refer to FAQ #6 about our supply chain: https://www.hcltechsw.com/wps/portal/about/faqs . 

We remain vigilant in maintaining security of our software, data and systems, and complying with important international and national security standards.  We do this to protect our company as well as our customer’s businesses. 

For more information 

To learn more about BigFix, visit www.BigFix.com or contact your HCL Software Specialist. For further information about how BigFix can be used to find and mitigate this threat, contact your BigFix Technical Advisor. 

 

 

 

Comment wrap
Further Reading
article-img
Automation | March 4, 2021
Aruba ClearPass Extension for BigFix Expands Authentication Policies
The integration of Aurba’s ClearPass Policy Manager with BigFix allows Aruba to leverage BigFix’s rich set of device attributes collected by BigFix.
article-img
Automation | February 18, 2021
New BigFix Trust Center
The Trust Center is a valuable resource to our customers and partners who need to understand how HCL Software tests and protects BigFix code, the national and international certification we have obtained or working to obtain, and how we protect user information  and the information provided to our support teams.
article-img
Automation, Data Management | January 29, 2021
BigFix: When Winning Matters!
Thousands of customers, commercial and governmental, across the globe trust and rely on BigFix.  
Close