FDA (21 CFR Part 11) Validation
Please note that although this page mentions specific companies, we do not explicitly endorse or sell anyone's services. Tomcat and Apache are not-for-profit organizations. This page is also far from a complete listing of vendors and support options. It is meant as a demonstration showing that these options do exist and that running Tomcat in a validated environment is both feasible and reasonable.
- Can Tomcat be used in a validated environment?
- Has anyone actually done it?
- Is Tomcat itself validated?
- What kind of support is there around validating Tomcat?
- How do I know I have a validated release? How do I know no one has tampered with the release package?
- What about security? I'm concerned about attacks.
- There are numerous smaller vendors and several large ones, including IBM, HP, Sun, and Novell, who offer Tomcat consulting and support services, including application auditing, environment assessments, and risk analysis.
- There are numerous vendors in addition to the above consultants, like SpringSource (formerly Covalent) and JBoss, who offer 24/7/365 enterprise-level support for Tomcat.
- The Tomcat mailing lists are extremely active and contain members of many of the above organizations, including contractors available for hire.
There's no need to be. See the security page of this FAQ for more information.