SI Secure
SI Secure
IndustriesServicesProductsCompanyLibrary
SI Application Testing


Software Development (SDLC) Process Consulting

Developing secure applications requires a development process that internalizes security. We can help your development team to contruct a sound secure development process that incorporates security into each phase of the software development lifecyle.

Requirements Review

The Security Innovation Requirements Review scrutinizes each requirement from a security perspective and highlights areas where they will lead to exposures in the deployed product. Each is considered from an "abuse case" perspective and defines additional capabilities necessary to be secure.

The result of the Requirements Review is a collection of recommendations to secure the product and features defined, which is delivered as a paper report and presented live to the requirements management team.

Design Review

The Security Innovation Design Review provides an analysis of the application architecture and structure from a security standpoint and provides the necessary feedback for the architects to adjust the design as necessary for maximum security and usability.

The result of the Design Review is a collection of recommendations to secure the product and features defined, which is delivered as a paper report and presented live to the architecture team.

Test Plan Review

The Security Innovation Test Plan Review provides an analysis of the tests and techniques used to qualify the security of an application under development. The test plan is considered as a whole to determine the overall security testing capability and each test is reviewed for its ability to uncover specific security vulnerabilities associated with the application area under test.

The result of the Test Plan Review is a collection of identified missing tests, tests that are poorly implemented and recommendations for change, all of which is delivered as a paper report and presented live to the deployment team.

Deployment Assessment

The Security Innovation Deployment Assessment service provides an analysis of security vulnerabilities resulting from web application and deployment technology configuration. The Security Innovation application security team evaluates the ASP.NET, J2EE or AMP deployment environment and isolates configuration issues that lead to exposures.

The result of the Deployment Assessment is a is a collection of identified exposures and recommendations to secure the deployment, all of which is delivered as a paper report and presented live to the deployment team.

back to the top of the page