Eneruni Software adheres to the Secure Software Development Lifecycle (SSDLC) guidelines prescribed under the ISMS. A summary of the key security practices followed in the SSDLC includes:

• All software requirements are evaluated for the CIA triad - Confidentiality, Integrity, and Availability.
• Threat Models are created using the STRIDE approach.
• All third-party software components are continuously evaluated for open vulnerabilities.
• All code is continuously scanned using Static Application Security Testing (SAST).
• The software is regularly scanned using Dynamic Application Security Testing (DAST).
• Software is assessed for Data Privacy Compliance Requirements.
• All Eneruni members undergo regular Information Security Training relevant to their roles.