1. Varjo Support
  2. Security FAQ
  3. Software (Varjo Base) Security

What makes Varjo's software (Varjo Base) secure?

Varjo Base—our software for managing the headset—was designed with enterprise-grade security in mind. The core principle: the customer is always in control of data and connectivity. 

  • All log files are stored on the customer’s PC and are fully under their control—they can be read, deleted, or shared manually. No logs are sent automatically. 
  • Automatic software updates can be fully disabled. All updates are digitally signed so customers can verify authenticity. 

Varjo Base is developed following a secure Software Development Lifecycle (SDLC) that includes: 

  • Mandatory code reviews and automated testing for every code change. 
  • Only designated personnel can approve code for release. 
  • A dedicated team manages Continuous Integration (CI) systems, with VPN and user authentication required for remote access. 
  • Static code analysis is used regularly to identify security and quality issues. 
  • All third-party components are vetted, and a dependency vulnerability scanner runs on every build.