Appendix B. Approved Software

Approved Software

Last Reviewed: 2025-02-17:19:44:43-UTC

Software approved for use at APS includes, but is not limited to:

• Adobe suite
• Atlassian suite
• Jetbrains suite
• Google Workspaces suite
• Code editors (IntelliJ, PyCharm, WebStorm, VS Code, etc)
• 1Password / BitWarden (The use of LastPass is strongly discouraged due to its poor security record)
• Docker (Due to licensing considerations, Docker Desktop requires explicit approval from the Head of Engineering. APS strongly encourages the use of finch in lieu of Docker Desktop.)
• Node/npm/yarn
• Java (OpenJDK or Amazon Corretto distributions. Due to licensing restrictions, the use of Oracle Java is expressly prohibited.)
• Python 3.7 and later
• Git
• Office 365
• Microsoft 365 (and any apps/services managed by Microsoft 365)
• Postman
• Slack
• Microsoft Teams
• Zoom

Reputable and well documented open source / free software may be used for development purposes at the discretion of the Engineering team. Cb Defense agents must be active to monitor the behavior of all application processes. Additional periodic audit may be conducted to review the usage of open source tools. Examples of such software include, but are not limited to:

• Chrome and various browser extensions
• Firefox and various browser extensions
• Homebrew
• GraphQL/GraphiQL
• Keybase
• Skitch
• Spectacle
• Terraform
• etc.

Software not in the list above may be installed if it is necessary for a business purpose, legal, with a valid license, and approved on a case-by-case basis by your manager or the Security Officer.