Enterprise Secure Software Development Infrastructure

-A +A

Motivation

Application security tasks integrated with software development life cycle, help to secure
applications easily and effectively.

Goals

  • Dissemination of sustainable enterprise software development infrastructures
  • Enable to develop applications using related international security standards and best practices (OWASP, CWE, DISA STIG, SANS, HIPAA etc.)
  • Developing needed secure software development technologies and providing most common technologies / tools to work integrated

Description

  • Features of Enterprise Secure Software Development Infrastructure
    • Supporting multiple programming language (C, C++, .NET, Java, PHP, Python, Objective-C etc.)
    • Integrated with most common software development lifecycle tools (Change Management, Configuration Management, Continuous Integration etc.)
    • Consolidation, validation and summarization of most common static source code analysis tools
    • Continuous source code security analysis and sharing analysis results
    • Collecting statistical data related to secure software development lifecycle
  • ​Services using Enterprise Secure Software Development Infrastructure
    • Secure Software Development Training
    • Setting up Enterprise Secure Software Development Infrastructure
    • Consultancy for Secure Software Development Process Improvement
    • Consultancy for Software Security Architecture and Source Code Security Analysis

Acquisitions

  • Locally customized and nationally adapted secure software development
  • Dissemination of usage of secure software development processes
  • Providing interoperability of secure software development technologies and tools