Broadleaf Commerce


Broadleaf Commerce

Application Name:

Broadleaf Commerce

Assessment Technique(s):

Static Analysis, Dynamic Analysis

Assurance Level:

High: Mission critical for the business

VerAfied since:


Application Description:

Broadleaf Commerce provides a comprehensive tool set for multi-channel delivery across B2C, B2B and marketplace use cases.  Broadleaf’s Reference Implementation features customer-facing eCommerce functionality, as well as the back-office administrative components found in the Broadleaf Commerce framework. eCommerce implementations requiring a high degree of customization thrive on our platform, as extensibility is a core design tenant. Asset management, rules-based promotion engine, catalog management, content management, order management, search and more are all available at an enterprise-class level of performance.

In its reviewed state, the Broadleaf Commerce tool meets or exceeds the security score outlined in the CA Veracode Risk Adjusted Verification Methodology for an application at the assurance level specified above. CA Veracode’s risk adjusted verification methodology is based on respected industry standards including MITRE’s Common Weakness Enumeration (CWE) for classification of software weaknesses and FIRST’s Common Vulnerability Scoring System (CVSS) for severity and ease of exploitability and NIST's definitions of assurance levels.




contact menu