Security in Aspose.Slides

Aspose applies the best practices when developing its products.

  • Aspose.Slides for .NET is used to manipulate and transform presentations in files in other formats. It does not run scripts in presentations. Aspose.Slides simply parses the presentation structure and allows the the end-users code to manipulate the object model in a convenient way.

  • Aspose.Slides functions as a library in the context of parsing and interpreting documents without the execution of remote code. All Aspose products are executed on your machines. They do not transmit any data to Aspose. The only exception is when a metered license is involved, and even then (if you use a metered licensed), only your API usage information is processed.

  • Aspose components run in the same user context as regular applications. Therefore, Aspose components do not pose a risk to vital system resources. Furthermore, when a document is opened by an Aspose component, macros are not automatically run.

  • The risks inherent with or associated with the Microsoft Office package do not apply to Aspose components, so Aspose products are very secure.

Questions and Answers

What systems are used to monitor for vulnerabilities in Aspose code?

We run a static code analysis for every Aspose.Slides release. We can provide security reports that prove Aspose.Slides code passes OWASP Top 10.

What systems do you employ to monitor for vulnerabilities in external packages?

We do not employ systems to check for vulnerabilities in external packages because Aspose.Slides does not contain or use any external packages. Aspose.Slides depends on ONLY the .NET framework itself.