article Release Software Asset Distribution and Integrity in Official Support Articles https://community.qlik.com/t5/Official-Support-Articles/Release-Software-Asset-Distribution-and-Integrity/ta-p/2519952 <H3><FONT color="#339966"><STRONG>How does Qlik distribute its release software assets?</STRONG></FONT></H3> <P>Qlik distributes its release software assets through GitHub.</P> <UL class="lia-list-style-type-circle"> <LI>The assets are shared as releases in repositories under <A href="https://github.com/qlik-download" target="_blank" rel="noopener">https://github.com/qlik-download</A>.</LI> <LI><A style="font-family: inherit; background-color: #ffffff;" href="https://github.com/qlik-download" target="_blank" rel="noopener">https://github.com/qlik-download</A><SPAN> is part of Qlik’s enterprise account with GitHub</SPAN></LI> </UL> <H3><FONT color="#339966"><STRONG>How are the files secured and served?</STRONG></FONT></H3> <P>No external party can upload or modify content in the Qlik Download repositories. Access is controlled by Qlik’s corporate authentication.</P> <UL class="lia-list-style-type-circle"> <LI>The write access is exclusive to current Qlik employees and only to members of Qlik’s release management and security team.</LI> <LI><SPAN>The Qlik Community download page consists of an embedded Qlik Sense app.</SPAN></LI> <LI><SPAN>The app is published through a Qlik Cloud tenant that is secured witgh Qlik’s corporate authentication.</SPAN></LI> <LI><SPAN>Only a handful of Qlik employees are authorized to access the Qlik Cloud tenant.</SPAN></LI> <LI><SPAN>No other employees or external parties can alter the information in the download app.</SPAN></LI> </UL> <P>Qlik software is secured from malicious content as described in Secure SDLC Policy in <A id="menurks8" class="fui-Link ___1q1shib f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" title="https://security.qlik.com/" href="https://security.qlik.com/" target="_blank" rel="noreferrer noopener" aria-label="Link https://security.qlik.com/">https://security.qlik.com/</A>.&nbsp;</P> <UL class="lia-list-style-type-circle"> <LI>Distributed installers are signed by Qlik, which the customer can validate in the file details after download.&nbsp;Any manipulation of the file content will invalidate the signature, and the OS will throw an error during installation.&nbsp;</LI> <LI><SPAN>Qlik software installer that is not signed by Qlik or displays any error should not be installed or trusted by customers.</SPAN></LI> </UL> Wed, 04 Jun 2025 06:28:38 GMT Sonja_Bauernfeind 2025-06-04T06:28:38Z Release Software Asset Distribution and Integrity https://community.qlik.com/t5/Official-Support-Articles/Release-Software-Asset-Distribution-and-Integrity/ta-p/2519952 <H3><FONT color="#339966"><STRONG>How does Qlik distribute its release software assets?</STRONG></FONT></H3> <P>Qlik distributes its release software assets through GitHub.</P> <UL class="lia-list-style-type-circle"> <LI>The assets are shared as releases in repositories under <A href="https://github.com/qlik-download" target="_blank" rel="noopener">https://github.com/qlik-download</A>.</LI> <LI><A style="font-family: inherit; background-color: #ffffff;" href="https://github.com/qlik-download" target="_blank" rel="noopener">https://github.com/qlik-download</A><SPAN> is part of Qlik’s enterprise account with GitHub</SPAN></LI> </UL> <H3><FONT color="#339966"><STRONG>How are the files secured and served?</STRONG></FONT></H3> <P>No external party can upload or modify content in the Qlik Download repositories. Access is controlled by Qlik’s corporate authentication.</P> <UL class="lia-list-style-type-circle"> <LI>The write access is exclusive to current Qlik employees and only to members of Qlik’s release management and security team.</LI> <LI><SPAN>The Qlik Community download page consists of an embedded Qlik Sense app.</SPAN></LI> <LI><SPAN>The app is published through a Qlik Cloud tenant that is secured witgh Qlik’s corporate authentication.</SPAN></LI> <LI><SPAN>Only a handful of Qlik employees are authorized to access the Qlik Cloud tenant.</SPAN></LI> <LI><SPAN>No other employees or external parties can alter the information in the download app.</SPAN></LI> </UL> <P>Qlik software is secured from malicious content as described in Secure SDLC Policy in <A id="menurks8" class="fui-Link ___1q1shib f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" title="https://security.qlik.com/" href="https://security.qlik.com/" target="_blank" rel="noreferrer noopener" aria-label="Link https://security.qlik.com/">https://security.qlik.com/</A>.&nbsp;</P> <UL class="lia-list-style-type-circle"> <LI>Distributed installers are signed by Qlik, which the customer can validate in the file details after download.&nbsp;Any manipulation of the file content will invalidate the signature, and the OS will throw an error during installation.&nbsp;</LI> <LI><SPAN>Qlik software installer that is not signed by Qlik or displays any error should not be installed or trusted by customers.</SPAN></LI> </UL> Wed, 04 Jun 2025 06:28:38 GMT https://community.qlik.com/t5/Official-Support-Articles/Release-Software-Asset-Distribution-and-Integrity/ta-p/2519952 Sonja_Bauernfeind 2025-06-04T06:28:38Z