Software Engineering Security Assurance

These services are intended to help developers address the root cause of security problems at the start of and during application development. A growing number of organisations now appreciate that this is a far more effective – and cost-effective – way of identifying and correcting vulnerabilities in software than relying on penetration testing and other security assessments at a later stage. Context helps clients to implement a Secure Development Lifecycle (SDL), an extra element of security in the software development process that enables them to code more securely. An understanding of each application’s specific security requirements is the first step, then threat modelling, binary analysis and design and code reviews (the latter also performed before software is compiled) can be incorporated prior to final security testing.

© Copyright 2013 Context Information Security