Hello everyone.
Newbie with Ubuntu at the enterprise level and hoping someone may be able to direct me in the right path. I am part of a financial institution and we are looking at migrating our middleware solution from Windows to Linux/Ubuntu. One of the processes we need to go through is a vendor due diligence and security process. There are several sites out there that contain security documents, but typically we request certain documents such as NDA, pen tests SOC II compliance etc...
I know Ubuntu is Open sourced, so it would be difficult for some of these things (like the NDA), but is there a number to call from an enterprise perspective for these types of requests? Or is it just what is out there is out there?
Also - If anyone has gone through a similar process for their enterprise and know where to gather this sort of information, anything template wise or direction would be greatly appreciated.
Thank you,
Gregg