# Security updates

We take security seriously at Vectice. This page outlines our approach to keeping your deployments secure.

## OS updates

* **Frequent Kubernetes Updates:** We leverage a Kubernetes managed service to ensure our Kubernetes environment receives monthly updates. These updates include critical security patches and improvements to the underlying platform.
* **Lightweight, Community-Maintained Docker Images:** Our software uses minimal Docker images, reducing attack surface and potential vulnerabilities. The open-source community actively maintains these images, benefiting from continuous security improvements.

## Packages update

* **Regular Package Updates:** We release security patches and functionality updates for our core software components every two weeks. 

## SLA

Vectice follows CVSS 3.1 vulnerability assessment and commits to vulnerability resolution with the SLA below:

{% hint style="info" %}
CVSS 3.1, or the **Common Vulnerability Scoring System version 3.1**, is a standardized framework used to rate the severity of security vulnerabilities in software. It provides a numerical score reflecting a vulnerability's potential impact and exploitability, helping organizations prioritize their remediation efforts effectively.
{% endhint %}

| **Vulnerability** | **Resolution target time** | **Mechanism**            |
| ----------------- | -------------------------- | ------------------------ |
| Critical          | << 14 days                 | Patch or regular release |
| High              | << 14 days                 | Patch or regular release |
| Medium            | << 1 month                 | Regular release          |
| Low               | << 2 months                | Regular release          |

**For more information:**

* [Understand the benefits of lightweight container images](https://dev.to/techworld_with_nana/top-8-docker-best-practices-for-using-docker-in-production-1m39)&#x20;
* [CVSS 3.1 specifications document](https://www.first.org/cvss/v3-1/cvss-v31-specification_r1.pdf)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.vectice.com/24.4/it-and-security/security/security-updates.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.