Last Updated: December 12th, 2025 at 1:42:44 AM GMT+9
Welcome to eSolia on GitHub. We're a Tokyo-based IT management consultancy, and we're glad you're here. We are a security conscious company, incorporating ISO 27001 good practices in our work, including software development.
Specifically, the following are the requirements mandated in ISO 27001:2022 Annex A Control 8.25 as "rules for the secure development of software and systems", and how we address them.
| Requirement | Actions |
|---|---|
| 1. Keeping development, testing, and production environments separate. | For typical jamstack websites (most of our sites), development refers to the developer's local environment, testing refers to a protected branch published for the client to review, and production is the published website. In the case of our PROdb cloud database, it is possible to make a combined dev and test environment, which is separate from production, then merge it to production when approved. |
| 2. Offering guidance on security in the software development life cycle, in terms of general methodology and languages use. | We handle this via SOP. |
| 3. Implementing security requirements during the specification and design phases. | Every project considers and specifies security during initial projects, or changes. |
| 4. Developing and using security checkpoints in projects. | We establish the basic security framework for a project in the specification phase, develop per the basic guideline established in the spec, then finally report how the project has implemented security. |
| 5. Engaging in security and system testing. | For most website projects, security scanning entails checking security headers are in place. For cloud database projects, the platform vendor is running basic security penetration tests regularly, and we check relevant security areas at every step, in specific configuration areas such as table, view, form security. |
| 6. Establishing secure repositories for storing source codes and configurations. | Only permitted personnel have write permissions (commit or merge access) to repositories. |
| 7. Ensuring security in version control during change management. | Change management process considers version control security. |
| 8. Ensuring all personnel involved in development have the required application security knowledge. | We are engaged in an ongoing effort to develop this knowledge. |
| 9. Ensuring developers have the capacity to recognise and avert security flaws. | We take care to understand security and the lack thereof, within the websites we develop and the apps we configure. |
| 10. Adhering to licensing requirements. | We are aware of licensing and adhere to all requirements. |
- 📣 New Blog Post We’ve summarized the key basics and tips for using Microsoft Teams Webinars. It’s easy to follow—perfect for first-time hosts. Check it out👇 https://blog.esolia.pro/en/posts/20251212-teams-webinar-en/ #MicrosoftTeams #Webinar #OnlineEvents #RemoteWork #TeamsTips
- 📣 New Blog Post Microsoft Teamsのウェビナー機能の基本と活用方法をまとめました!初めての方にもわかりやすく解説しています。オンラインイベント開催の参考にぜひご覧ください👇 https://blog.esolia.pro/posts/20251212-teams-webinar-%E5%9F%BA%E6%9C%AC%E3%81%A8%E6%B4%BB%E7%94%A8-ja/ #MicrosoftTeams #ウェビナー #オンラインイベント #リモートワーク #TeamsTips #Webinar #オンラインセミナー
- 📣 New Blog Post Have you upgraded to Windows 11 yet? I’ve highlighted three useful features in my latest blog post — they might just boost your productivity. Check out the article here👇 https://blog.esolia.pro/en/posts/20251120-windows-11-features-en/ #Windows11Tips #Windows11Features
| Item | Value |
|---|---|
| Repo Total Files | 1 |
| Repo Size in MB | 149 |
| Lume Version | v2.4.2 |
| Deno Version | 2.6.0 |
| V8 Version | 14.2.231.17-rusty |
| Typescript Version | 5.9.2 |
| Timezone | Asia/Tokyo |
We're generating this readme using the Lume static site generator from within the eSolia .github repository. See this page for details to get your own dynamic readme!
