Hi Joel, Thank You. for the detailed explanation. I will go through the documentation for further clarification.
Much Appreciated!! Regards Bharat ________________________________ From: Joel Esler <joel.es...@me.com> Sent: Monday, February 3, 2025 8:22 PM To: ClamAV Development <clamav-devel@lists.clamav.net> Cc: Bharat PANDEY <bharat.pan...@lhh.com>; Raj PANDEY <raj.pan...@lhh.com>; Tausif FARIDI <tausif.far...@lhh.com> Subject: Re: [Clamav-devel] ClamAV Security Documentation ! External Email: This message originated outside of The Adecco Group. Do not click links or open attachments unless you recognize the sender and know the content is safe. Subject: Re: Security and Compliance Information Request for ClamAV Hi Bharat, Regarding your request: 1. SOC Type 2 Report: Currently, ClamAV, as an open-source project, does not have a SOC Type 2 report available. SOC reports are typically produced by service organizations, and ClamAV, being a software library, does not fit into this category. 2. ISO:27001 Certification: ClamAV does not hold any ISO certifications, including ISO:27001. Being an open-source software maintained by a community of developers with corporate sponsorship, it does not undergo the certification processes that a commercial product might. For further information and documentation, I recommend checking ClamAV's official documentation and resources at: * <http://www.clamav.net/documents> Introduction - ClamAV Documentation<http://www.clamav.net/documents> clamav.net<http://www.clamav.net/documents> [favicon.png]<http://www.clamav.net/documents> * <https://github.com/Cisco-Talos/clamav-devel> [clamav.png] GitHub - Cisco-Talos/clamav: ClamAV - Documentation is here: https://docs.clamav.net<https://github.com/Cisco-Talos/clamav-devel> github.com<https://github.com/Cisco-Talos/clamav-devel> On Feb 3, 2025, at 00:41, Bharat PANDEY via clamav-devel <clamav-devel@lists.clamav.net> wrote: Hi Team, We are planning to use ClamAV as the Antivirus Scanning Library in our application. We wanted to check if the ClamAV can provide any information about the library with respect to the following (as it is being requested as part of the Security and Compliance Verification). 1. SOC Type 2 Report 2. If Not, then ISO:27001 Certification 3. Pen Test Document Please let us know if it we can get this information from any of the ClamAV Documentation or Portal Help. Regards Bharat _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
