An SDLC (Secure Development Lifecycle) framework is the glue that binds all the
relevant security processes, technologies and methodologies together within your
organisation. This framework can either be extremely lightweight (typically for
smaller organisations) or more robust for larger organisations.

The OpenSAMM Framework (www.opensamm.org), which is sponsored and supported by
OWASP, and other standards for application security, including the BSIMM
projects, provide an excellent starting place and a roadmap of considerations
for any organisation. Typically, an SDLC covers the following key areas:

- Strategy & Metrics
- Policy & Compliance
- Education & Guidance
- Threat Assessment/Environment
- Security Requirements
- Secure Architecture & Design
- Design Review
- Code Review
- Security Testing
- Vulnerability Management
- Environment/Platform Hardening
- Operational Enablement

Appsecure works alongside our clients to help implement successful SDLC
programs that cover these particular areas. A maturity assessment will create
the initial steps and align your organisation with these open standards. From
here, you can develop a plan and start to implement key areas of the SDLC within
the organisation.