Last reviewed: March 5, 2026
Owner: Security + Engineering
Review cadence: Quarterly
Status: Implemented

This page covers the engineering controls that reduce security and reliability risk before changes reach production.

What this page answers

  • How code changes are reviewed and validated
  • How dependency and secret risks are managed in CI and deployment workflows
  • How production changes are controlled and rolled back when needed

Current state (as of March 5, 2026)

Tero uses reviewed change workflows, automated checks, and controlled deployment paths.

SDLC control baseline

Control            | Implementation
Code review        | Peer review is required before merge
CI checks          | Automated checks are required before merge and deploy
Testing            | Automated tests run in CI workflows
Dependency risk    | Vulnerability scanning in development and security workflows
Secrets hygiene    | Secrets are managed in dedicated secret systems
Deployment control | Controlled CI/CD paths and environment controls

Change management expectations

  • Changes are reviewed before merge.
  • Production-impacting changes follow controlled rollout behavior.
  • Rollback and post-incident follow-up are part of operational response.

Hosted vs self-hosted boundary

Area                             | Tero-hosted   | Self-hosted
Product SDLC controls            | Tero          | Tero
Runtime deployment controls      | Tero-operated | Customer-operated runtime
Infrastructure patching controls | Tero-operated | Customer-operated

Evidence you can request

Topic                              | Primary evidence
Runtime and architecture boundaries | Security Architecture
Access and secret handling         | Identity and Access, Encryption and Key Management
Assurance posture                  | Compliance and Assurance

Exceptions and governance

Any SDLC control exception requires documented approval, compensating controls, and remediation timing. Evidence requests: