- Application areas
- Work with us
- Right now
- About us
Smart products – Internet of Things – give rise to a whole new range of security challenges. Are you in the process of connecting existing or new products to the Internet? Contact us for advice or for an independent security review to assure your customers – and yourself – that your connected products are secure.
Make your investment at an early stage in the process, and save money. Avoid costly mistakes and remedy vulnerabilities before the product is put to use by the customer.
In the idea generation phase, we advise you on how to design security into your product from the start to avoid costly errors later on.
In the design phase, we help you develop a secure design. We can also assist you with a threat analysis or an architecture review that helps you identify if your software architecture is properly designed in terms of security.
In the implementation phase, or at the end of product development, we can perform a code review to help you verify that your actual implementation meets the security standards specified by you and your customers.
Throughout the process, we can advise you on cryptology aspects of relevance to your product.
We investigate the threat scenarios around your product. Perhaps you have already considered all the scenarios but are uncertain how to build countermeasures into the software architecture or into the code. With a threat analysis of your product, you can start improving the security level and make it homogeneous. This part of the review as well as parts of an architecture review are often based on the OCTAVE Allegro model.
Building security into your architecture from the start is both better and cheaper. An architecture review gives you an overview of the security risks of your design choices. In combination with a threat analysis, an architecture review uncovers risks in the overall system, detects flaws in the mechanisms that protect your system’s assets, and identifies if further mitigation is needed.
Errors in the implementation of a product constitute one of the major threats to security. In a code review, we analyse your code – or parts of it – and verify if it complies with the expected security level. Code reviews are based on OWASP.
In a penetration test (Pen test), we expose a test system to different attacks. As in the code review, the purpose is to ensure that the mechanisms you have implemented function correctly and cannot be circumvented. The penetration test is also based on OWASP.
Cryptology offers a very high degree of security if used correctly. Cryptology is also very complex, and it can be hard to choose the right algorithm and use it correctly. We have a number of experts with a strong professional background, such as a PhD in cryptology or mathematics. Read about our services in the field of Data encryption.