Security is not an add-on feature that could be added to a system or software. But instead, it should be evaluated as part of the development process. Implementation of security functions during the processes of development and installation is both easier and more effective.
SGE provides the following services to public and private organizations/institutions:
▪ Trainings for the secure software development
▪ Software source code analysis in order to detect vulnerabilities during the development of software
▪ Risk analysis and threat modeling with the purpose of making secure software development processes more efficient
▪ Search and implementation of new secure software development methods
▪ Conduct of workshops and conferences on the development of secure software
Within the scope of these services, SGE has aided NATO in many projects related to information system development. For the security accreditation of these system and software projects, the institute has presented consultancy regarding secure system design and the preparation of accreditation documents and also carried out the security tests of the developed systems.
