Out of the Box BrickStor SP is inherently secure by design and eliminates work for an admin to achieve approval to operate. The steps in this guide provide a quick reference for an admin to ensure that all of the settings are correctly calibrated to be in the most secure configuration and connected to environmental specific systems, such as the log repository, NTP time source, LDAP/Active Directory, etc. Code Signing RackTop secures software updates by providing signed code in a proprietary RAP format. Fielded systems validate the signature before installing the software update. BrickStor SP’s Operating System will not allow unsigned binaries to persist a reboot to provide further protection against malware and advanced persistent threats. Firmware for RackTop provided hardware is also managed in a similar way using signed binaries to protect the authenticity and integrity of the software and hardware. Vulnerability Patching As part of the product lifecycle, the project management team tracks and reviews serious findings from vulnerability scans and security reviews. The project team ensures any findings are addressed with the highest development priority for security updates and product releases. Read Only Boot Image The boot image is a read only verified image and operates from memory. During a reboot, the system re-reads the image. Unsigned binaries will not persist a reboot.