Our Assessment Plan includes:
Leadership team involvement, policy and standard engaged, Law and regulation involved.
Physical security assessment:
Equipment management, Mobile computing, Physical and environmental security.
Secure SDLC assessment:
Review if security is enforced at each level of a product development.
Training: developer/testers trained on Code Security training.
Review security and privacy requirements.
Review Design requirement, surface attack analyze and threat modeling.
Static code analysis.
Dynamic code analysis, fuzz testing, attack surface review.
Incident response plan.
Test incident response plans.
Data Risk assessment:
Contact us for a complete security risk assessment today.