What's the Adyen way of development and engineering?

The Adyen way of engineering

At Adyen, security is not an afterthought, we embed it throughout every phase of our product lifecycle. This approach allows us to catch flaws in very early stages, which substantially reduces risk, workload and the need for excessive security engineering activities. As such, we include security requirements and threat modeling activities in every phase of engineering platform components, from initial design to launch, operational support and potential sunset.

During the build phase, our engineers work in line with secure engineering best practices, assisted by automated tooling to prevent vulnerabilities. Design and build validation happen throughout the product lifecycle by means of security assessments, executed by internal and external pentesters.

Secure development lifecycle

All changes to our codebase or infrastructure are reviewed and verified by at least one additional trusted engineer and enforced by dual control processes in version management systems. Platform changes are recorded centrally, ensuring visibility and auditability. Releases are automatically tested for functional and security requirements in a continuous integration pipeline, and deployed in a staged manner making use of multiple environments to ensure proper segregation.

The integration security guide

Follow best practices to reduce security risks.

View integration security guide

Related content

The illustration of support agent wearing a headset.

Do you need additional help?

Contact our support team

Send us the details of your issue by adding images or screenshots.

Submit a request