In the Athento development process, the coding workflow itself provides a code security review:
- Automatic code review: We use tools such as Codacy for code analysis. Every week, we dedicate a minimum amount of time to correct the quality defects that Codacy reports to us. In the following link, you can see the Codacy dashboard https://app.codacy.com/project/Athento/athentose/dashboard?bid=6087231&token=RKFhAxbrX1f4WYJ
- Pull-request review: Code modifications are reviewed by several engineers other than the engineer who wrote the code.
- Open source libraries: We use many open source libraries and products. The advantage of open source is that the community reviews it and proactively detects vulnerabilities.
- Release cycle: the product is maintained for extended periods in Fast Track versions so that we can perform sufficient testing.