SI Secure
SI Secure
IndustriesServicesProductsCompanyLibrary
SI Application Testing


Software Development (SDLC) Process Consulting

Developing secure software requires a development process that internalizes security. Our SDLC experts will analyze your existing software development lifecycle and identify key points within the process to integrate new or refine existing security checkpoints. This gives your development team a repeatable and effective process that incorporates security into each phase of the software development lifecycle.

Requirements Review

Application security requirements frequently go unstated. Projects that have clearly defined requirements will help keep the project on track and minimize the total lifecycle security cost to your project.
 
The Security Innovation requirements review helps organizations understand what the security requirements and objectives should be for the to-be-developed application. It begins with an examination of the security objectives from a user, system and business point of view.  We then determine what pre-existing requirements will fulfill these objectives and generate new requirements where needed.  Lastly, we examine the security impacts of these defined requirements to determine if they need to be modified to meet security realities or augmented to help improve the security of the design downstream.

Design Review

The Security Innovation Design Review provides an analysis of the application architecture and structure from a security standpoint and provides the necessary feedback for the architects to adjust the design as necessary for maximum security and usability.

The result of the Design Review is a collection of recommendations to secure the product and features defined, which is delivered as a paper report and presented live to the architecture team.

Test Plan Review

The Security Innovation Test Plan Review provides an analysis of the tests and techniques used to qualify the security of an application under development. The test plan is considered as a whole to determine the overall security testing capability and each test is reviewed for its ability to uncover specific security vulnerabilities associated with the application area under test.

The result of the Test Plan Review is a collection of identified missing tests, tests that are poorly implemented and recommendations for change, all of which is delivered as a paper report and presented live to the deployment team.

Deployment Assessment

The Security Innovation Deployment Assessment service provides an analysis of security vulnerabilities resulting from web application and deployment technology configuration. The Security Innovation application security team evaluates the ASP.NET, J2EE or AMP deployment environment and isolates configuration issues that lead to exposures.

The result of the Deployment Assessment is a is a collection of identified exposures and recommendations to secure the deployment, all of which is delivered as a paper report and presented live to the deployment team.

back to the top of the page