Dear all, I wanted to ask if anyone knows where I can find answers to these technical queries.
I have tried to consult Google about this through different means and I am not getting answers. These are questions requested by the IT and Security area of the organizations where I want to incorporate AppSheet; however, no one gives me answers.
I need answers and support on this information; in the AppSheet documentation there is nothing, or everything is very vague in the answers.
4.1 How do you test the security of your network and applications? Internal, third parties or both? If so, what is the cadence? Explain your methodology
4.2 Please summarise or attach your network vulnerability management processes and procedures (specifying who executes the procedures and the tools used).
4.3 Please summarise or attach your application vulnerability management processes and procedures (specifying who executes the procedures and the tools used).
4.4 How do you regularly evaluate patches and updates for your infrastructure?
4.5 How does the criticality of the patch (critical, high, medium, low) affect deployment guidelines?
4.6 Are all endpoint laptops that connect directly to production networks centrally managed?
4.7 Describe both standard employee issued device security configuration/features and required BYOD configurations. (Login Password, antimalware, Full Disk Encryption, Administrative Privileges, Firewall, Auto-lock, etc.)
4.8 What systems do you have in place that mitigate classes of web application vulnerabilities? (e.g. WAF, proxies, etc.)
4.9 Do you have operational breach detection systems, deception solutions and/or anomaly detection with alerting?
4.10 Describe your secrets management strategy: (auth tokens, passwords, API credentials, certificates)
4.11 Are all security events (authentication events, SSH session commands, privilege elevations) in production logged?
4.12 Is the production network segmented into different zones based on security levels?
4.13 What is the process for making changes to the network configuration?
4.14 What cryptographic frameworks are used to secure a) data in transit over public networks, b) passwords, c) data at rest?
4.15 How are cryptographic keys (key management system, etc.) managed within your system?
4.16 Describe your security awareness program for personnel
5.1 How do you log and alert on relevant security events? (This includes the network and application layer.)
5.2 Describe or attach your Security Incident Response Program.
5.3 Do you have formally defined criteria for notifying a client during an incident that might impact the security of their data or systems? What are your SLAs for notification?
6.1 How do you ensure code is being developed securely?
6.2 How do you train developers in SSDLC / Secure Coding Practices?
7.1 Please describe how you authenticate users: If passwords are used, describe complexity requirements, and how passwords are protected. If SSO is supported, please describe the available options. If different service tiers are available, please describe.
7.2 Does your application enable custom granular permissions and roles to be created? Please describe the roles available
7.3 Which audit trails and logs are kept for systems and applications with access to customer data?
7.4 How does your application store API keys?
8.1 How do you conduct internal audits (audits led by your personnel) of the service? Please describe the scope, remediation process and frequency of audits.
8.2 How do you conduct external (third-party) audits of the service? Please describe the scope and frequency of audits.
8.3 Please provide a copy of the most recent report (as per Service Introduction tab, section 5).