Software design and architecture flaws are most difficult to identify and most expensive to fix in production. Research shows it could be 100 times more expensive to fix software design flaws in production than at design time. Design and Architecture Review adds value to the software assurance model by identifying potential security issues at an early stage.
AppSecure Labs’ best practice methodology utilises proven secure design principles such as defense in depth, least privileges, fail safe and secure by default, and more to identify design and architecture issues. This activity is best performed by arranging meetings with the development team and by reviewing design documentation. We identify the most critical areas of the application, review the security controls in place, identify potential security gaps and make appropriate recommendations to tighten the security of your application cost effectively.
Our Approach:
- Attack Surface Evaluation
- Threat Identification
- Existing Controls Evaluation
- Gap Analysis
- Impact Analysis
- Control Recommendations
Deliverables
Report: A highly customised and actionable report is produced at the end of the review process to include high-level management summary, technical details, risk levels and remediation advice.
Further Support: A post review conference may be arranged with the management and technical personnel to ensure that the risks and remediation advice are understood thoroughly.
Contact Us to discuss your application security requirements and to find out how we could help.