Security Architecture and Design
Security in software development
Cybersecurity in software development (Security Development Lifecycle) means taking security into account from the planning of an application system onward. Our IT experts provide conceptual support in the following areas of software development:
- Creation or evaluation of requirements for a software system (Requirements Engineering)
- Analysis and assessment of risks for the software system (threat modeling)
- Evaluation of (existing) software solutions and architectures
- Integration of IT security into the software development lifecycle (SDLC)
- Integration of IT security into Continuous Integration (CI) / Continuous Delivery (CD) pipelines
The goal of security in software development is to take a holistic view of the process of creating software applications. In contrast to a purely technical analysis, the focus is on the conceptual level of the software development cycle. Particularly in the early phases of specification and planning of the application system, potential threats can be identified early and taken into account during implementation, avoiding costly changes later in the project (Secure by Design).
Security in software development thus closes the gap between planning on the one hand and the secure implementation of the software system on the other.
The goal generally consists of the following four points:
- Identification of risks and threats to the application system and its users
- Support in architectural decisions
- Recommendation of suitable measures to avoid vulnerabilities during the implementation phase, as a prerequisite for high software quality with respect to IT security
- Integration of IT security into the software development cycle
In addition to the general objectives above, specific objectives and their prioritization can be agreed individually with the client in advance and adapted to the client's software development cycle.
The implementation of the goals can take place in one or ideally in several of the following phases of software development:
- System requirements analysis: Determination and definition of the general requirements for the software system in order to understand, for example, its purpose and intended mode of operation. Security requirements are derived from the general requirements so that the application system can be operated securely in later productive use.
- Software architecture: Analysing the software architecture and assessing the security of the application system at a conceptual level helps to avoid vulnerabilities that would otherwise surface during implementation and productive use.
- Component specification: When the individual application components are designed, security can be built in as a further measure, so that potential vulnerabilities are identified before the implementation phase rather than during it.
The phases listed above follow the V-model; the content can equally be adapted to the classic waterfall model or to agile approaches (e.g. Scrum).
The approach to the individual points is based, among other things, on the OWASP Application Security Verification Standard [1], the OWASP Threat Modeling Process [2] and the Microsoft Security Development Lifecycle [3].
- Threat Modeling: What risks exist for the application system and its users in productive use?
- System requirements analysis: Which security requirements follow from the identified threats and malicious actors so that attacks on the software system can be prevented?
- Secure software architecture: Which vulnerabilities in the software architecture enable successful attacks during productive use of the application system?
- SecDevOps: Which measures can be integrated into CI/CD processes to increase software quality in the area of IT security?
- Static source code analysis: Following the design of the software system, the source code can be examined for existing vulnerabilities or misconfigurations using a static analysis at the beginning of the implementation phase.
- Penetration tests and audits: After the implementation of the software system or individual components has been completed, they can be examined for existing vulnerabilities in terms of security as part of component and integration tests.
- Security consulting: Based on the knowledge gained and the vulnerabilities identified, general or application-specific topics in the area of IT security, best practices or know-how can be conveyed to raise awareness or for solution approaches.
- Developer training: If various attack scenarios or recommended actions are unknown from the developer’s perspective, basic knowledge in the area of secure software development can be imparted through targeted training content.
Security consulting and training
Attacks on companies, critical infrastructures and publicly accessible IT systems in general are commonplace today. Cyber attacks are now considered one of the greatest risks to the profitability of companies, so adequate protection against malicious actors contributes directly to that profitability. Effective protection requires knowing the methods and means attackers use and implementing appropriate, effective countermeasures.
The aim of the two sub-areas of security consulting and training is to convey content that builds competencies in the area of IT security:
- Security consulting focuses on specific threats and on evaluating the measures currently implemented and, where necessary, developing them further. The consulting work usually stays at a conceptual level and serves as a decision-making aid for executives, management and software architects.
- Security training follows a technical approach: selected training content is conveyed so that the acquired knowledge and skills can be applied securely to everyday tasks and challenges (e.g. secure programming). The training courses are primarily aimed at developers and development teams, administrators and technical staff whose work touches IT security.
The specific recommendations and training content are based on the requirements as well as the technical and organizational circumstances of the client.
The implementation of a consultation or training takes place in the following phases:
- Kick-off: In a preliminary discussion, the relevant points for a consultation or the content of a training course are determined. The group of participants is also determined so that the content can be coordinated in a targeted manner.
- Implementation: In the implementation phase, the agreed training content is communicated or the consultation is carried out within the defined group of participants.
- Follow-up: In the follow-up phase, further steps can be defined based on the results of the implementation, e.g. planning further consultations or training courses.
Consultations and training sessions can also extend over a longer period (e.g. accompanying development or as part of a change process).
The specific content of the security consulting and training is agreed in advance with the client. The approach is based, among other things, on the OWASP Application Security Verification Standard [1], the OWASP Threat Modeling Process [2] and the Microsoft Security Development Lifecycle [3]. The following points provide a general overview:
Security consulting:
- Threat modeling
- Support in identifying security risks
- Support in decision-making in the area of IT security
Education and training:
- Teaching of attack strategies and methods
- Secure programming of application systems
- Secure configuration of application systems
In addition to the consulting and training content, specific vulnerabilities and threats within a company can be identified through targeted testing activities at the application, source code or network level.
- Security consulting: Based on the knowledge gained and risks identified, further general or application-specific topics in the area of IT security, best practices and know-how can be conveyed.
- Developer training: If various attack scenarios or recommended measures are unknown from the developer’s perspective, basic knowledge in the area of secure software development can be imparted, for example, through targeted training content.
- Penetration tests and audits: The theoretical and practical content can be supplemented by a technical review. Penetration tests and audits can be used to determine the security level of IT systems.
- Scenario-based penetration testing: Phishing campaigns can be used to test employees’ sensitivity to fraudulent emails and other social interaction-based attacks. It is also possible to simulate an attack via a stolen client device and test how far an attacker can penetrate into the company network.
Continuous testing / SecDevOps
Our approach to Continuous Testing and SecDevOps focuses on providing a seamless, automated process that enables security and quality controls to be efficiently integrated into the software development lifecycle. We offer expertise in setting up and optimizing CI/CD pipelines, selecting and implementing appropriate security tools, and training teams to create and maintain security awareness.
Our experts provide support and implementation in the following key areas:
- Automation of security tests
- Integration in CI/CD
- Static and dynamic code analysis
- Training and awareness-raising
When developing software, it is important not only to develop it quickly, but also securely. Continuous testing and SecDevOps enable teams to identify and fix security vulnerabilities early, which leads to a significant reduction in potential security risks. In addition, they improve the efficiency of the development process by minimizing manual reviews and providing a continuous feedback loop.
The main goal of Continuous Testing and SecDevOps is to ensure the security and quality of software throughout the development cycle. This is achieved by creating a culture and practice where testing is automated and integrated into daily work, allowing teams to quickly respond to issues and make fixes without slowing down the development process.
Implementing Continuous Testing and SecDevOps requires close collaboration between development, operations and security teams. This includes automating security tests, integrating security checks into the CI/CD pipeline, leveraging static and dynamic code analysis tools, and providing regular training and awareness to development teams to promote security best practices.
- Security testing automation: Implementing tools and processes to perform security testing automatically and continuously.
- Integration in CI/CD: Embedding security checks in the continuous integration and continuous deployment pipelines.
- Static and dynamic code analysis: Use of SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools to identify security vulnerabilities.
- Training and awareness: Promote awareness of security issues and best practices within development teams.
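As an added example of embedding a security check in a CI/CD pipeline (this is illustrative code, not the tooling of the page's authors): a small gate script that reads a SAST tool's SARIF output and fails the build when a finding exceeds a policy threshold, while honouring findings the tool has marked as suppressed. SARIF 2.1.0 is the interchange format most SAST tools can emit; the `security-severity` rule property is a convention used by CodeQL and Semgrep exports. The embedded SARIF document, the tool name and the thresholds are constructed for illustration.

```python
"""CI security gate: break the build on SAST findings above a policy threshold.

Illustrative example, not the page's own tooling. Assumes the SAST step writes
SARIF 2.1.0 and (optionally) a numeric `security-severity` per rule.
"""
import json
import sys
from dataclasses import dataclass

# Constructed SARIF document standing in for a real tool's output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-sast", "rules": [
            {"id": "sqli", "properties": {"security-severity": "9.0"}},
            {"id": "weak-hash", "properties": {"security-severity": "5.0"}},
            {"id": "debug-flag", "properties": {"security-severity": "2.0"}},
        ]}},
        "results": [
            {"ruleId": "sqli", "level": "error", "message": {"text": "SQL built by string concatenation"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "app/db.py"},
                                                 "region": {"startLine": 42}}}]},
            {"ruleId": "weak-hash", "level": "warning", "message": {"text": "MD5 used for password hashing"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "app/auth.py"},
                                                 "region": {"startLine": 17}}}]},
            # Suppressed in source (e.g. a reviewed nosec comment): must not block the build.
            {"ruleId": "debug-flag", "level": "note", "message": {"text": "DEBUG=True"},
             "locations": [{"physicalLocation": {"artifactLocation": {"uri": "app/settings.py"},
                                                 "region": {"startLine": 3}}}],
             "suppressions": [{"kind": "inSource", "status": "accepted"}]},
        ],
    }],
})

LEVEL_RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}


@dataclass(frozen=True)
class Finding:
    rule_id: str
    level: str
    severity: float   # 0..10 from the rule's security-severity property, 0 if absent
    uri: str
    line: int
    message: str
    suppressed: bool


def parse_sarif(text: str) -> list:
    """Flatten every result of every run into a Finding, joining rule metadata."""
    doc = json.loads(text)
    findings = []
    for run in doc.get("runs", []):
        rules = {r["id"]: r for r in run.get("tool", {}).get("driver", {}).get("rules", [])}
        for res in run.get("results", []):
            rule = rules.get(res.get("ruleId"), {})
            sev = float(rule.get("properties", {}).get("security-severity", 0.0))
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            # A suppression without an explicit status counts as accepted per SARIF.
            suppressed = any(s.get("status", "accepted") == "accepted"
                             for s in res.get("suppressions", []))
            findings.append(Finding(
                rule_id=res.get("ruleId", "?"),
                level=res.get("level", "warning"),   # SARIF default level
                severity=sev,
                uri=loc.get("artifactLocation", {}).get("uri", "?"),
                line=int(loc.get("region", {}).get("startLine", 0)),
                message=res.get("message", {}).get("text", ""),
                suppressed=suppressed,
            ))
    return findings


def evaluate_gate(findings, min_fail_severity: float = 7.0, fail_on_level: str = "error"):
    """Return (passed, blocking, active): a finding blocks the build when its
    severity reaches min_fail_severity or its level reaches fail_on_level."""
    active = [f for f in findings if not f.suppressed]
    blocking = [f for f in active
                if f.severity >= min_fail_severity
                or LEVEL_RANK.get(f.level, 0) >= LEVEL_RANK[fail_on_level]]
    return (not blocking), blocking, active


if __name__ == "__main__":
    # Usage in a pipeline step: python gate.py results.sarif  (falls back to the sample)
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SARIF
    passed, blocking, active = evaluate_gate(parse_sarif(text))
    for f in active:
        print(f"{f.level:8} sev={f.severity:4.1f} {f.uri}:{f.line} {f.rule_id}: {f.message}")
    print(f"{len(blocking)} blocking finding(s); gate {'PASSED' if passed else 'FAILED'}")
    sys.exit(0 if passed else 1)
```

The thresholds are the policy knob: a team that wants to start strict on new code but tolerate a known backlog would lower `min_fail_severity` over time rather than suppressing findings wholesale, and every suppression should be reviewable in source control.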
To successfully implement Continuous Testing and SecDevOps, we plan the following steps:
- Assessment of current development and security practices.
- Selection and implementation of suitable tools and technologies.
- Integrating security testing into the CI/CD pipeline.
- Conducting trainings and workshops for development teams.
Threat and risk analysis
Our threat and risk analyses provide companies with a sound basis for strengthening their security policies. We use proven methods and tools to conduct in-depth analyses that enable our customers to effectively plan and implement their security strategies. Our experts support the entire process chain from identification to risk mitigation.
Our experts provide support and implementation in the following key areas:
- Threat and risk analysis
- Threat Intelligence
- Vulnerability analysis
- Risk matrix
- Security policies and standards
- Proactive security measures
The main goal of a threat and risk analysis is to gain a comprehensive understanding of an organization’s current security posture. By systematically identifying and assessing threats and risks, targeted security strategies can be developed and implemented to minimize the risk of data breaches and other security incidents.
Implementing an effective threat and risk analysis involves several steps:
- Asset identification and classification: Identification and assessment of information, systems and resources that need to be protected.
- Threat identification: Detecting potential threats that could compromise the security of assets.
- Risk assessment: Evaluation of identified risks based on their likelihood and potential impact.
- Risk treatment: Development and implementation of measures to reduce, accept, transfer or avoid risks.
- Threat and risk analysis: Essential processes for identifying and assessing potential security risks.
- Threat Intelligence: Using information about current threat trends and attack techniques to improve security measures.
- Vulnerability assessment: Conducting vulnerability scans and assessments to identify security vulnerabilities.
- Risk matrix: Creating a risk matrix to prioritize risks and support decision-making.
- Security policies and standards: Review and adapt security policies and standards to the identified risks.
- Proactive security measures: Developing and implementing measures to address potential security risks.
Based on the results of the analysis, the following follow-up measures are recommended:
- Implementation of security measures: Based on the results of the analysis, appropriate security measures should be developed and implemented to address identified risks.
- Employee training and awareness: Employees play a critical role in protecting against security threats. Training and awareness campaigns should be conducted to make employees aware of potential risks and impart information security best practices.
- Regular review and update: The threat landscape and IT infrastructure of an organization can change constantly, so it is important to repeat the threat and risk analysis regularly and adapt and update security measures accordingly.
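The threat identification, risk assessment and risk matrix steps above, and the threat modeling question from the software development section ("What risks exist for the application system and its users?"), carried through as an added worked example. This is illustrative code, not the page's own method or tooling: threats are enumerated per data-flow-diagram element with the STRIDE-per-element table from the Microsoft SDL approach [3], then rated on a 5x5 likelihood/impact matrix and prioritised. The modelled system (a small web shop), the trust zones, the matrix bands, the treatment mapping and the analyst ratings are all constructed assumptions.

```python
"""Threat identification (STRIDE-per-element) plus a 5x5 risk matrix for prioritisation.

Illustrative example, not the page's own method. The STRIDE-per-element table
follows the Microsoft SDL threat modeling approach; the system, the matrix bands
and the ratings below are assumptions chosen for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

STRIDE = {
    "S": "Spoofing", "T": "Tampering", "R": "Repudiation",
    "I": "Information disclosure", "D": "Denial of service", "E": "Elevation of privilege",
}
# Which STRIDE categories apply to which DFD element kind (STRIDE-per-element).
APPLICABLE = {"external": "SR", "process": "STRIDE", "store": "TRID", "flow": "TID"}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                       # external | process | store | flow
    zone: str                       # trust zone the element (or a flow's source) lives in
    dst_zone: Optional[str] = None  # for flows: trust zone of the receiving end

    @property
    def crosses_boundary(self) -> bool:
        return self.kind == "flow" and self.dst_zone is not None and self.dst_zone != self.zone


@dataclass(frozen=True)
class Threat:
    element: str
    category: str
    crosses_boundary: bool


def enumerate_threats(model: list) -> list:
    """Threat identification: one candidate per (element, applicable STRIDE category)."""
    return [Threat(el.name, STRIDE[code], el.crosses_boundary)
            for el in model for code in APPLICABLE[el.kind]]


def risk_level(likelihood: int, impact: int) -> str:
    """Risk matrix: likelihood and impact on 1..5, score = L x I, banded into four levels."""
    if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
        raise ValueError("likelihood and impact must be on the 1..5 scale")
    score = likelihood * impact
    if score >= 16:
        return "Critical"
    if score >= 10:
        return "High"
    if score >= 5:
        return "Medium"
    return "Low"


# Risk treatment options per band (reduce / transfer / accept / avoid), assumed mapping.
TREATMENT = {
    "Critical": "reduce before go-live, or avoid the feature",
    "High": "reduce or transfer",
    "Medium": "reduce, or accept with documented sign-off",
    "Low": "accept",
}


@dataclass(frozen=True)
class RatedThreat:
    threat: Threat
    likelihood: int
    impact: int
    score: int
    level: str
    treatment: str


def prioritise(threats: list, ratings: dict):
    """Risk assessment: ratings maps (element, category) -> (likelihood, impact).
    Returns (rated threats sorted highest score first, threats still unrated)."""
    rated, unrated = [], []
    for t in threats:
        li = ratings.get((t.element, t.category))
        if li is None:
            unrated.append(t)
            continue
        likelihood, impact = li
        level = risk_level(likelihood, impact)
        rated.append(RatedThreat(t, likelihood, impact, likelihood * impact, level, TREATMENT[level]))
    rated.sort(key=lambda r: (-r.score, r.threat.element))
    return rated, unrated


# Constructed model: browser -> web application -> database, browser outside the trust boundary.
WEBSHOP = [
    Element("Customer browser", "external", "internet"),
    Element("Web application", "process", "dmz"),
    Element("Order database", "store", "internal"),
    Element("HTTPS request", "flow", "internet", "dmz"),
    Element("SQL query", "flow", "dmz", "internal"),
]
# Analyst-assigned ratings (constructed); every other candidate stays unrated.
RATINGS = {
    ("Web application", "Elevation of privilege"): (3, 5),
    ("HTTPS request", "Tampering"): (4, 4),
    ("Order database", "Information disclosure"): (2, 5),
    ("Customer browser", "Spoofing"): (4, 3),
    ("SQL query", "Denial of service"): (1, 2),
}

if __name__ == "__main__":
    rated, unrated = prioritise(enumerate_threats(WEBSHOP), RATINGS)
    for r in rated:
        flag = " [crosses trust boundary]" if r.threat.crosses_boundary else ""
        print(f"{r.level:8} {r.score:2}  {r.threat.element}: {r.threat.category}{flag} -> {r.treatment}")
    print(f"{len(unrated)} candidate threats still need a likelihood/impact rating")
```

The unrated list is the point of the exercise rather than a leftover: STRIDE-per-element produces every candidate the element types admit, and the analyst either rates each one or records why it does not apply, so the register stays auditable when the analysis is repeated (see the regular review step above).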
Sources
[1] The OWASP® Foundation, OWASP Application Security Verification Standard, https://owasp.org/www-project-application-security-verification-standard/
[2] The OWASP® Foundation, Threat Modeling Process, https://owasp.org/www-community/Threat_Modeling_Process
[3] Microsoft, Security Development Lifecycle, https://www.microsoft.com/en-us/securityengineering/sdl