This page describes how Probativa approaches security in the design, development, distribution, and operation of its software.
Security is treated as a foundational requirement, not a feature.
Security Philosophy
Probativa builds software for professional and organizational environments where predictability, integrity, and control are essential.
Our security approach is based on the following principles:
- Secure by design
- Security considerations are integrated into product architecture and development decisions from the outset.
- Least privilege and minimal exposure
- Software is designed to minimize unnecessary access, permissions, and external dependencies.
- Transparency and verifiability
- We favor clear, understandable behavior over opaque or hidden mechanisms.
- Operational realism
- Security measures are proportional, practical, and suitable for long-term use.
Product Architecture and Operation
Probativa products are designed to operate in customer-controlled environments.
Depending on the product:
- Core functionality may operate fully offline once licensed and activated
- No continuous connection to external services is required for normal operation
- Customers retain control over deployment, configuration, and execution
This reduces attack surface and simplifies internal security reviews.
Software Development Practices
Probativa follows disciplined development practices intended to reduce risk, including:
- Controlled source code management
- Review of changes affecting security-relevant functionality
- Avoidance of unnecessary third-party dependencies
- Regular maintenance and updates
Security-relevant changes are implemented deliberately and tested prior to release.
Distribution and Integrity
Software distributed by Probativa is provided through controlled channels.
Measures include:
- Controlled build and release processes
- Versioned releases
- Clear identification of supported versions
Customers are encouraged to obtain software only from official Probativa distribution sources.
Licensing and Activation Security
Licensing mechanisms are designed to:
- Enforce license terms without unnecessary data collection
- Operate predictably and transparently
- Allow local activation and deactivation by the customer
Licensing systems are not designed to collect or process customer data beyond what is required for license validation and administration.
Data Handling and Exposure
Probativa products are designed to minimize data exposure:
- No unnecessary transmission of customer data
- No background data collection unrelated to product functionality
- Clear separation between licensing, support, and operational data
For details on personal data processing, please refer to the Privacy Policy and Compliance & GDPR pages.
Vulnerability Management
Probativa takes reports of security vulnerabilities seriously.
If a potential security issue is identified:
- It is reviewed and assessed
- Mitigations or fixes are implemented as appropriate
- Updates are released in a controlled manner
Customers are encouraged to report suspected vulnerabilities responsibly.
Third-Party Components
Where third-party libraries or components are used:
- They are selected based on maturity and suitability
- Dependencies are kept to a minimum
- Updates are applied when relevant to security or stability
Probativa avoids unnecessary or opaque third-party services.
Customer Responsibilities
Security is a shared responsibility.
Customers are responsible for:
- Secure deployment and configuration
- Appropriate access controls on their systems
- Compliance with internal security policies
- Keeping software versions up to date within licensed update periods
Probativa provides software designed to support secure operation but does not control customer environments.
Limitations
Probativa does not claim absolute security.
No software can eliminate all risk, and security outcomes depend on:
- Deployment context
- Configuration
- Operational practices
This page does not constitute a security guarantee or certification.
Contact and Security Reporting
If you have questions about security practices or wish to report a potential security issue, please contact us through the website.
We aim to handle security-related communications responsibly and professionally.