Once the design of a system has reached a sufficient level of detail, it can be extremely valuable to perform a design review and/or threat modeling exercise. Also in existing systems it can be essential to look at the design with today’s security threats to know where additional mitigation measures are necessary to lower risks to your systems and data.
The goal of Secura's Design Review is to identify security improvements that are applicable to the environment as early as possible, to prevent design decisions from turning into costly production changes, or disasterous data leaks.
Design Review approach
In a design review Secura will review all available (relevant) design documentation and discuss this with your architect, technical owner and/or developers. The benefit of a design review is that the design can be verified against the information security policies (if available) and best practices of your organisation. Secura uses the following approach for this:
Suggestions Security Improvement
Secura aims to provide feasible suggestions, which is possible due to the interviews sessions. In the report a general reflection on the design (and our understanding of it) is presented followed by security improvement suggestions in an easy-to-read, concrete and actionable format.
Would you like to perform a Design Review (in combination with threat modeling) as input for a concrete next step for improving the security of your IT environment?
Request your free quote using this form
Do you have any questions? With nearly two decades of experience and a huge body of knowledge, Secura is in the fortunate position of being one of the few parties who can perform effective design review and threat modeling on virtually all types of systems, from embedded and IoT devices, to ephemeral cloud solutions that could be anywhere in the world. With our in-depth knowledge of state-of-the-art attacks and our hacker mindset the result will enable you to target the weakest spots in any system.
Do not hesitate to contact one of our experts on +31 (0)88 888 31 00 or send an e-mail to firstname.lastname@example.org, to identify your needs and come up with a solution that seamlessly integrates with your question.