The Security Practice in Telkite pioneers a process that helps align the Software Development Lifecycle with the latest in Security Standards, guidelines and principles. The process involves modifying the software development processes by integrating measures that lead to improved software security. The intention of these modifications is not to totally overhaul the process, but rather to add well-defined security checkpoints and security deliverables.
The process is a combination of tool based and manual based approach from the consultants in the Security Practice. Telkite uses the best of breed industry standard solutions (Commercial, Open source and Home grown) towards the Security Industrialization process. The 'security' activities that will be integrated by Telkite in different phases of the SDLC are:
Consider how security will be integrated into the development process, identify key security objectives, and otherwise maximize software security while minimizing disruption to plans and schedules.
Identify security milestones and exit criteria that will be required based on project size, complexity, and risk.
Architecture & Design Phase:
The design phase identifies the overall requirements and structure for the software. From a security perspective, the key elements of the design phase are:
Provide security design guidelines
Security architecture and design review
Conduct threat modeling
Telkite has built up a set of secure coding guidelines to be followed during application development. These guidelines are aligned with industry standards and make the code stronger and secure.
Testing and Deployment:
Tool / manual based application Security Testing
Source Code Examination
Access Control Testing
Secure application deployment