Numerical Innovations - Software Security Assessment 

Numerical Innovations Inc's goal is to ensure all our software application(s) are designed, developed, and deployed in a secure environment from the beginning.  Nowadays it's important for customers to be aware of any potential vulnerabilities/threats, and here's our brief software security assessment.

 

1. Software Availability:

Our software is available anytime for download (24/7/365), by logging in to our website and accessing the download page.  Both current and past major releases are available for download. 

We strongly encourage customers to save or backup their downloaded files to a safe place, should they wish to reinstall or move to a different computer (without the need to access our download site).   Here's our download access policy,  https://support.numericalinnovations.com/support/discussions/topics/14000003274

 

2. Software Protection:

Installation and executable files are code-signed with our corporate certificate-based digital signature.  This code signature guarantees our installation and executable files have not been tampered.  The executable files have all symbols stripped to help prevent reverse engineering and and unauthorized access.

 

3. Software Development:

Our source code is written using industry standard C++ and compiled with Microsoft Visual Studio.  The source code is thoroughly reviewed and tested for vulnerabilities before each release.  For each software release, the source code and binary files are stored in a repository, with restricted access to them.  The repository is also securely stored both in-house and offsite with permanent archiving & retention capabilities.


4. Responding to Vulnerability:

We are constantly monitoring for potential vulnerabilities in-house.  Should any customer experience a potential vulnerability, it may be reported and tracked using our online support ticketing system.   https://support.numericalinnovations.com/support/tickets/new

We continuously review information from customers, public sources, and component developers regarding potential vulnerabilities in our software.  If we identify the root cause of any vulnerability, a new software update will be made available immediately (typically within one week or less).

 

5. License Type Assessment (for Desktop Applications):

License Type

Risk Threats Vulnerabilities Impact Description Risk level Impact level Existing controls Priority
Floating / Network Information involved in electronic handshake between server and client computer gets compromised. Hackers Binaries are developed by a 3rd party company Flexera (the most common IT / License management software). There are many websites dedicated to hacking Flexera binaries. ●Loss of revenue.
● Advantage for competitors.
MEDIUM MEDIUM Implemented Flexera's Trusted Storage–Based Licensing for added protection and security. HIGH
Activation Code Unauthorized users gain access to the application by stealing activation code. Hackers, disgruntled employees Employees may accidentally—or knowingly—give away certain details that help hackers gain access to the application. ● Loss of productivity due to system downtime.

● Client activation code data may get compromised.
MEDIUM MEDIUM Activation code has been assigned passwords. Thus if the activation code is stolen, hacker must also know the password assigned by the client. HIGH
Numerical Cloud

Unauthorized users gain access to the application by stealing activation code.

 

Hackers, disgruntled employees Employees may accidentally—or knowingly—give away certain details that help hackers gain access to the application. ● Loss of productivity due to system downtime.

● Client activation code data may get compromised.
MEDIUM MEDIUM Activation code has been assigned passwords. Thus if the activation code is stolen, hacker must also know the password assigned by the client. HIGH

 

Questions? Please contact the Numerical Innovations Support team for additional assistance:   https://support.numericalinnovations.com/support/tickets/new