In Octopus Deploy, as is the case with Forsta Plus, an application security review by an independent party is performed regularly, at a minimum on major releases. Major findings will be remediated as a part of this process. A report of this application test is available on request. The Octopus Deploy server typically requires access to the package repositories hosted by Forsta to download new versions of the Forsta Plus code. The access to these download sites are regulated via the use of Company-wide usernames and passwords. Outbound access from the server hosting the Octopus application is sufficient. Furthermore, the Octopus Deploy server needs to be able to reach all application servers running the Forsta Plus code to orchestrate the code deployment.