HCL Software is committed to delivering secure products to our customers. In support of this commitment, we have long utilized an Information Security Management System (ISMS) to drive consistency in approach across all of our products and services, per the ISO/IEC 27001 standard. For more information about HCL Software certifications and the ISMS, visit https://www.hcltechsw.com/wps/portal/legal/compliance. 

In our development processesall production software and content releases undergo the secure final mile process prior to release which includes PenTest+ penetration testing, static and dynamic scans, open source scans and 3rd Party Vendor Ethical hacking to ensure the security and integrity of the BigFix product. 

We are committed to delivering products which meet the stringent U.S. Federal government standards for secure supply chainHCL Software has a U.S. Federal Government approved Product Integrity Policy. The policy is enforced by HCL’s U.S. Federal Government approved security officer, and U.S. Federal government approved 3rd party monitor.  

 BigFix is compliant with: 

  • Common Criteria – is an international standard for computer security certification. It is used as the basis for a government-driven certification scheme. Evaluations are typically completed for the use of Federal Government agencies and critical infrastructure.  
  • ISO 20243 – a framework to address the problem of maliciously tainted and counterfeit products. It is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software products throughout the product life cycle. For more information, refer to FAQ #6 about our supply chain: https://www.hcltechsw.com/wps/portal/about/faqs . 

We remain vigilant in maintaining security of our software, data and systems, and complying with important international and national security standards.  We do this to protect our company as well as our customer’s businesses. 

For more information 

To learn more about BigFix, visit www.BigFix.com or contact your HCL Software Specialist. For further information about how BigFix can be used to find and mitigate this threat, contact your BigFix Technical Advisor. 

 

 

 

Comment wrap
Further Reading
Automation, Data Management | January 21, 2021
Effectively manage multi-cloud environments with BigFix
BigFix, the most reliable and capability-rich endpoint management solution, provides a great choice for organizations to manage and secure workloads across all major clouds and on-premise in a consistent and effective way.
Automation, Data Management | January 11, 2021
New BigFix Insights Data Schema Document Now Available for Download
New BigFix Insights Data Schema document now available for download. The data schema will be useful to Data Analysts, Business Intelligence users, and System Integrators.
Automation | December 22, 2020
The new BigFix Training webpage is now LIVE!
The new BigFix Training webpage is now LIVE!  Check out the available training courses, read a description of each course, and review the calendar of upcoming training/enablement events.  Of course, you can register for courses, too. 
a/icon/common/search Created with Sketch.