I am completing internal audits and am reaching out to all our vendors, including Aspose, and requesting any and all third party attestations for internal controls. SOC2, ISO and related and available documentation (a filled-out security questionnaire would also do). Thank you!
I know that people have asked for this before (for example, Third party attestation request for internal audits), but the links in those posts aren’t available.
Please note that Aspose APIs are secure. Aspose components run in the same user context as any regular application. Therefore, Aspose components do not pose a potential risk to vital system resources. Furthermore, when a document is opened by an Aspose component, macros (if they exist in the document) are not automatically run. Aspose components were built with the goal of allowing developers to create, manipulate, and save Office files. None of the risks associated with the Microsoft Office package are inherent to Aspose components.
Please find attached sample security reports of Aspose.Words, Aspose.Cells, Aspose.PDF and Aspose.Slides for your reference.
aspose-words-net-security.zip (15.2 KB)
aspose-cells-net-security.zip (15.2 KB)
aspose-pdf-net-security.zip (15.3 KB)
aspose-slides-net-security.zip (15.2 KB)
Thank you so much for providing those reports. Last question: Do you also have a report for Aspose.Words - Cloud SDK for Node.js (or does the aspose-word-net-security.zip cover that SDK as well)?
Aspose.Words for .Node.js Cloud API is a cloud version of the Aspose.Words component from aspose.com, so you may think that the Aspose.Words security report may also cover it. Anyways, you may also post your query in the dedicated cloud forum and one of our fellow colleagues from the cloud team will assist you soon.