![varjo-logo-white-transparent-1.png]](https://support.varjo.com/hs-fs/hubfs/varjo-logo-white-transparent-1.png?height=40&name=varjo-logo-white-transparent-1.png){kind=logo}
What makes Varjo's software (Varjo Base) secure?
Varjo Base—our software for managing the headset—was designed with enterprise-grade security in mind. The core principle: the customer is always in control of data and connectivity.
- All log files are stored on the customer’s PC and are fully under their control—they can be read, deleted, or shared manually. No logs are sent automatically.
- Automatic software updates can be fully disabled. All updates are digitally signed so customers can verify authenticity.
Varjo Base is developed following a secure Software Development Lifecycle (SDLC) that includes:
- Mandatory code reviews and automated testing for every code change.
- Only designated personnel can approve code for release.
- A dedicated team manages Continuous Integration (CI) systems, with VPN and user authentication required for remote access.
- Static code analysis is used regularly to identify security and quality issues.
- All third-party components are vetted, and a dependency vulnerability scanner runs on every build.