We scan all dependencies and conduct regular security reviews of our product and infrastructure.
As an open source codebase, we have very public scrutiny of all our practices.
All tools deployed on the customer’s cluster(s) and used by end users, excluding the Enterprise Edition Control Plane, are open-source (Polyaxon Agent, Helm charts, SDKs, CLI, Clients, …) and can be reviewed.