XMPro platform undergoes app security checks every 3 months. We use Veracode as the provider to analyse the security of the software to help identity, prevent and fix any vulnerabilities. Veracode scans the software and tests it in multiple ways, including using Static Analysis (white-box testing), Dynamic Analysis (black-box testing), and Software Composition Analysis.