Before any patch release, SapphireIMS quality assurance team performs VAPT scanning on whole product with Acunetix tool(https://www.acunetix.com/) and if any vulnerabilities found, it will be fixed by our engineering team and again quality assurance team performs scanning to make sure no vulnerabilities found. SapphireIMS follows OWSAP standard guidelines to address VAPT issues.
Please refer another article on the measures which we take Shall I trust SapphireIMS as secure application?