The Oracle Communications Security Shield Cloud Service (Security Shield) strictly follows Oracle Software Security Assurance (OSSA) guidelines for software development. Software security is always the top focus during software design, development, and deployment. Oracle Communications statically scans all source code and third-party software within our Continuous Integration-Continuous Delivery pipeline. Oracle Communications dynamically tests (fuzzing, penetration) all releases. All Oracle Communications Docker images pass through security and virus scans. Oracle Communications audits, fixes, or mitigates all security issues. Each Security Shield release is reviewed by Oracle Cloud Architecture Review (CAR), Corporate Security Solution Assurance Process (CSSAP), and verified by Security Assessment Review (SAR).