Skip to main content
Xoxoday Plum operates on a structured monthly patching cycle for routine security vulnerabilities, bug fixes, and performance improvements, with critical hotfixes deployed promptly outside that cycle whenever urgent issues are identified.
Xoxoday Plum follows a structured monthly patching cycle that covers security vulnerabilities, bug fixes, and performance improvements across the platform. This regular cadence ensures the system stays current with evolving security standards and delivers a stable, high-performance experience for administrators and end users alike. Each monthly release goes through internal testing and quality assurance before deployment. Updates may include library upgrades, dependency patches, UI refinements, and backend optimizations. For teams using Xoxoday Plum alongside HR systems such as Workday, SAP SuccessFactors, or Darwinbox, standard updates are applied server-side and do not require administrators to reconfigure existing integrations or re-authorize data connections. For critical issues — such as a newly discovered security vulnerability or a production-impacting bug — Xoxoday Plum deploys hotfixes outside the regular monthly cycle. These emergency patches are prioritized and applied as quickly as possible to minimize exposure and reduce risk to platform availability. Zero-day vulnerabilities affecting third-party dependencies bundled within Xoxoday Plum are treated with the same urgency and follow the same expedited resolution path. Xoxoday Plum’s patching process aligns with industry-recognized security frameworks. The platform maintains certifications including ISO 27001 and SOC 2 Type II, both of which mandate documented change management and vulnerability remediation procedures. Every patch — routine or emergency — follows a controlled process with internal review, regression testing, and post-deployment verification to confirm stability. For organizations using Xoxoday Plum alongside collaboration tools like Slack or Microsoft Teams for reward delivery and notifications, platform updates do not disrupt existing webhook configurations or API connections. Employees continue to receive reward alerts and redemption links without interruption during or after a scheduled update window. Security and compliance teams with audit requirements can request documentation related to Xoxoday Plum’s change management practices as part of vendor due diligence. This helps organizations in regulated industries verify that patch cadences align with their internal policies and satisfy external audit requirements. Learn more: Xoxoday Plum Help Centre — General

Security Certifications and Compliance

Learn about the ISO 27001, SOC 2 Type II, and other compliance certifications that govern how Xoxoday Plum is built and maintained.

Uptime SLA and Availability Commitments

Understand the uptime guarantees and service level commitments Xoxoday Plum provides across its platform infrastructure.