At the heart of any successful security risk management program is a
lightweight, implementable secure development life cycle program. This framework
pulls all the different elements of a successful program together and creates a
"centre of excellence" for application development, program management and data
security. The Appsecure team has extensive experience in developing and aligning
these programs within organisations.
Based on our work with OpenSAMM (www.opensamm.org) and the OWASP project, we work
alongside organisations to help map their Agile, Waterfall and other development
methodologies in line with recommended industry security practices. The security
practices to be considered within an organisation include:
- Strategy & Metrics
- Policy & Compliance
- Education & Guidance
- Threat Assessment/Environment
- Security Requirements
- Secure Architecture & Design
- Design Review
- Code Review
- Security Testing
- Vulnerability Management
- Environment/Platform Hardening
- Operational Enablement
Our SDLC Maturity program is a lightweight security assessment that reviews the
current security posture of the organisation against the OpenSAMM program and
then helps to identify which areas should be implemented. A formal roadmap is
produced with the organisational team to ensure that a program of delivery can
be implemented.
Not all organisations require detailed roadmaps. Talk with us today to find
out how our strategic team can help implement key aspects of the security
environment as required.