New app security questions

ron.jailall · August 15, 2023, 9:15pm

We’re starting the development of a new app and want to make sure we don’t have any issues when we get to the review stage. The new app registration mentions a few items to check, are all of these required for passing the review process?

Specifically the 3rd party penetration testing, or soc2 compliance, or iso27000 compliance.

We do use SAST and SSDLC practices.

nigel.hughey · August 18, 2023, 5:59pm

Hello Ron,

The items in the Security section are not necessarily hard requirements. If you use use SAST and SSDLC practices, then describe this in detail in your Technical Design Document, and the Security Team will follow up with if they have questions.

You can read more about Security best practices for Marketplace apps here: Security Best Practices

Regards,
Nigel Hughey
Marketplace Operations

nigel.hughey · August 18, 2023, 7:54pm

For more details:

Topic		Replies	Views
Evidence Guidelines for Your Marketplace App App Marketplace app-submission , securityreview , marketplacesecurity	1	378	September 11, 2023
Documents not required are requested in Functional Review App Marketplace	3	251	October 8, 2023
SAST/DAST and Penetration Testing App Submission api	2	325	August 21, 2023
What kind of documents can act as an evidence for Zoom Marketplace secure software development process, SAST/DAST, 3rd part penetration testing? App Marketplace	2	357	May 20, 2023
Requirements for security testing for Connect with Zoom use case? App Submission	1	481	June 23, 2022

New app security questions

Related Topics