PRODUCT AND SECURITY SOFTWARE ASSURANCE

Carrier Product and Software Security Assurance Program

Products and services manufactured and supported by Carrier are subject to robust secure development and process control requirements that comply with commercially appropriate cybersecurity standards of compliance. The Carrier Way for product security means proactive focus, best practices, comprehensive support and the domain expertise to strengthen and ensure the resiliency and stability of our offerings. Our mission is to ensure the following core strategic outcomes:

CARRIER-17547P-roduct-Secuity-Web-Graphics-Carrier-Global-Product-Security-Program-Mission-Statement-150x150

Products and services that are "Secure by Design"
Standards-Based Product Security Governance & Compliance
Persistent Vigilance and Continuous Improvement
Customer Mission Success

Thought Leadership

Carrier works proactively to secure its offerings and enable best outcomes for customers. This requires contributing to and benefiting from our professional community within mutually beneficial strategic alliances and taking positions of industry thought leadership with leading security organizations. Carrier is proud to serve as:

Founding Member of the ISA Global Cybersecurity Alliance

CVE Numbering Authority (CNA)

Our Focus

At Carrier, system and operational security is integral. To ensure outcomes, research and development teams leverage Carrier Product and Software Security Assurance – a team of highly experienced and credentialed veterans; diverse and dynamic security domain experts who’ve maintained prominent roles and responsibilities in designing, building, and operating highly secure complex systems.

Carrier Product and Software Security Assurance supports and delivers the strategic, production, operational and commercial security-related demands of our product security stakeholders by fulfilling three core Mission Areas of Operation:

Secure Product Development
Product Security Operations
Security Innovation

Secure Product Development

Product Security Architecture assures and enables mission success during system build by proactively designing systems for security, reducing attack surfaces and continually assessing, managing, improving, and maturing the security posture of Carrier products and services within all appropriate product support and development lifecycle phases. Key Capabilities:

Governance, Compliance and Training
Security Design, Requirements and Architecture
Security Feature and System Development
Secure Modeling and Assurance
Security Risk Assessment

Product Security Operations

Product Security Operations assures and enables post-development mission success by providing advanced security testing, integration, secure deployment planning, threat intelligence, incident response, vulnerability publication, and lifecycle support. Key Capabilities:

Penetration & Regression Testing
Secure Deployment
Product Threat Intel
Advisory and Communications
Synergistic Secure Integration
Product Security Incident Response

Product Security Innovation

CARRIER-17547-Product-Secuity-Web-Graphics-Cybersecurity-Innovation-1920x1080

Product Security Innovation researches and develops innovative solutions, promotes thought leadership, differentiates offerings, and provides competitive advantages within the security domain for Carrier customers by solving complicated problems, driving cybersecurity as a feature, and stimulating advanced and secure technological transformation. Key Capabilities:

Advanced Security Research and Development
Security Innovation, Invention, and Service/Product Offerings
Product Security Standards Compliance & Certification
Competitive Analysis
Channel Support & Market Engagement

REPORT AN INCIDENT

ADVISORIES & DISCLOSURES

PRODUCT AND SECURITY SOFTWARE ASSURANCE

Carrier Product and Software Security Assurance Program​

Thought Leadership​

Our Focus​​