Nested Knowledge will undergo penetration testing of its web application on an annual basis, unless this schedule is required to be revised by Nested Knowledge. An external security firm will test the web application to identify vulnerabilities. Testing will be performed in a staging environment against the most recently deployed version of the Nested Knowledge platform. Any vulnerabilities detected will be prioritized and remediated by the Nested Knowledge development team.
Each penetration test will follow the steps:
- Reconnaissance: gathering information before an attack
- Enumeration: finding attack vectors
- Exploitation: verifying security weakness
- Documentation: Recording results
Testing History #
The last penetration test was completed by a third-party vendor on April 9th, 2025.
Revision History #
| Author | Date of Revision/Review | Comments/Description |
|---|---|---|
| K. Cowie | 10/25/2024 | Reviewed |
| K. Cowie | 05/04/2023 | Updated |
| K. Kallmes | 04/10/2023 | Approved |
| K. Holub | 12/12/2025 | Reviewed |
