The following document outlines the operating modes of the Safe Deployment Practices (SDP) used by TG Soft for the development, testing and release cycle of updates to the Vir.IT explorer PRO suite.
We will explore in detail the types of content updates that are distributed, how they are verified, tested and validated, how they are released and how any post-release issues are handled.
Categories of distributed content
- Signature database and configuration files: it includes the archives of the antiviral signatures, the patterns and the interception filters, the whitelists/blacklists and the configuration files of the various modules/plugins of Vir.IT eXplorer PRO. Given the nature of this type of updates, they follow a more streamlined and rapid daily release cycle.
- Software and Driver: it includes the executable files, services and libraries related to the application in user-mode and the drivers used in kernel-mode for real-time protection (Vir.IT Security Monitor), for Vir.IT Agent System and for the ELAM functionality and communication with the Microsoft© Windows© security center. This type of update follows a longer and more gradual release cycle. It also includes a more extensive testing, verification and validation procedure to ensure a high-quality product in line with international standards, in particular for the prevention of catastrophic events such as crashes or BSODs of the Microsoft© Windows© operating system.
Detail of the phases related to the signature databases and configuration files:
| PHASE | DESCRIPTION |
|---|---|
| Development | Development with immediate verification performed by the developer/analyst after creating the virus signature, rule, interception filter or after modifying the configuration file. |
| Testing & Quality assurance |
Before the public release, the update is applied in the test environment and then to all internal machines of TG Soft (known as "eating our own dog food") to verify interception, false positives, incorrect behaviors, performance efficiency, correct integration with engines and drivers. It is verified that the update has passed all quality checks. |
| Release | Once all internal control phases have been passed, the update is released publicly both for Customers using the update method via Vir.IT Console Server and for customers using the update in standalone mode. The update process is tested in parallel and can be interrupted at any stage in the event of anomalies. |
| Monitoring & Feedback |
Vir.IT eXplorer PRO includes telemetric probes and automatic alerts to monitor any anomalies related to the released update. Technical assistance is also available via email or telephone/remote assistance that collects and reports any anomalies so as to evaluate the anomaly, the impact and intervene quickly. |
| Restore & Correction |
In the unfortunate event that an anomaly is detected after the public release, recovery and corrective update mechanisms are available to resolve the detected issue. Vir.IT eXplorer PRO also has automatic integrity control mechanisms that block the loading of corrupt or non-functioning signatures, rules and filters. The customer can contact technical support for specific cases that can be handled individually with ad-hoc updates if necessary. |
| Root Cause Analysis | Following an event that requires recovery activities, a root cause analysis is performed to modify or implement additional internal processes to prevent the event from recurring. |
Detail of the phases related to the software and driver part:
| PHASE | DESCRIPTION |
|---|---|
| Development | Development with immediate verification performed by the developer or development team after creating/modifying the executable file, library or driver. This verification includes a code review and an initial functional and compatibility check. It also checks for vulnerabilities, errors and specific testing for BlueScreen (BSOD) and crashes. |
| Testing & Quality assurance |
Before the public release, the update is applied in the test environment and subsequently to all internal TG Soft machines (known as "eating our own dog food") with the aim of verifying the new features, extensive compatibility testing in the various Operating Systems (current and pre-release), performance and stability and to exclude the presence of errors that can generate catastrophic events such as BSOD or operating system crashes. Stress tests are performed and it is verified that the update has passed all quality controls. |
| Release | Once all internal control phases have been passed, the update is released publicly, in gradual phases also divided into multiple time slots or distinct days, for Customers who use the update method via Vir.IT Console Server and for customers who use the update in standalone mode. See the paragraph dedicated to the division of the customer base. The update process is tested in parallel and can be interrupted at any stage in the event of anomalies. In certain cases, the update can be anticipated to specific and limited customers for beta testing activities. |
| Monitoring & Feedback |
Vir.IT eXplorer PRO includes telemetric probes and automatic alerts to monitor any anomalies related to the released update. Technical assistance is also available via email or telephone/remote assistance that collects the necessary information and immediately reports any problems so as to evaluate the anomaly, the impact and intervene quickly to solve the problem. |
| Restore & Correction |
In the unfortunate event that an anomaly is detected after the public release, there are mechanisms available to block the update, restore to the previous version and corrective update to resolve the detected issue in an extremely short time. The customer can contact technical support for specific situations that, if necessary, can be managed individually with ad-hoc updates, dedicated procedures or dedicated manual technical interventions provided directly by TG Soft. |
| Root Cause Analysis | Following an event that requires recovery activities, a root cause analysis is performed to modify or implement additional internal processes to prevent the event from recurring. |
Release cycle flow and customer base breakdown
Customers can be divided into two main groups "Console Server" and "Standalone", in the first group it is possible to further divide the customers into 3 further subgroups while in the second it is possible to further divide the customers into 2 further subgroups.
This means that globally it is possible to divide the customers into 5 parts allowing a step release of about 20% of the total. In this way any issues discovered after the release will impact only a limited set of the customer base also shortening the recovery process.
Conclusions
TG Soft is committed every day to providing a high quality service.
All internal processes for verifying development and release cycles are constantly improved or adapted to new needs to provide the Customer with a high quality standard service and product.
TG Soft, in addition to all automatic and manual practices and techniques, provides assistance via email or telephone/remote assistance to all Customers and Resellers in order to detect, analyze and resolve any problems.
The adoption of SDP (Safe Deployment Practices) allows to guarantee security and resilience and allows to provide the user with the most comfortable, linear and immediate experience possible in using the Vir.IT eXplorer PRO software.