Microcreation's Software Assurance services help identify security problems at any phase of the development lifecycle - and within the development process itself. For each offering, we will identify and focus our efforts on those areas where your application or Process is most at risk, report back what problems/vulnerabilities were found, and provide Remediation advice.
Application Security Testing:
Microcreation's security engineers will employ propriety manual attacks and specialized tools to uncover vulnerabilities in your software. For both web and non-web applications.Using proprietary attacks and focusing on high-risk areas, our testing will uncover elusive vulnerabilities in desktop, web, server and embedded software.
Security Code Review:
Our expert security team employs a combination of static analysis tools and “eyes on” manual review to uncover the highest number of flaws possible - and provides remediation for those coding errors. A Code Review analyzes existing codebase and locates code constructs that lead to security vulnerabilities. Code reviews may be executed against applications written in C, C++ C#, Visual Basic, Visual Basic.NET, ABAP, and a myriad of web technologies including Ruby, PHP, AJAX, and Perl.
Although the majority of software vulnerabilities are found during the implementation and test phase, most are introduced during the design phase - before a line of code is even written. Microcreation Team can help your organization build a secure design plan for your software applications - ensuring high levels of success at later phases of the development process.
Secure Development Process Optimization:
Microcreation expert security team will work closely with your organization to better understand gaps in your development process and help rollout/refine a process that internalizes security and minimizes disruption. Identifies gaps in your existing development process and introduces key points to integrate new or refine existing security activities.
Microcreation's Secure Software Development Life Cycle service is built upon the widely accepted phases of the software development life cycle (SDLC): Requirements, Design, Implementation, Test and Deployment.
We will analyze your existing software development lifecycle and identify key points within the process to integrate new or refine existing security activities and gates. This gives your development team a repeatable and effective process that incorporates security at each phase of the software development lifecycle.
Research & Guidance:
Security Innovation has helped companies achieve a competitive advantage with its comprehensive research program that includes competitive intelligence, comparative analysis, secure knowledge expansion, and assistance with product roadmaps. Deliverables included Security guides, intelligence reports, protocols, and security best practices.