Architectural Application Security

The security architecture builds the foundation of a secure application, such as a web application. Approx. 50 percent of all vulnerabilities can be attributed to architectural flaws. In addition, the costs for fixing a security issue are rapidly increasing the later I do it within an application lifecycle. Therefore, a certain security level can only be reached if security is taken into account by designing the application architecture.

Examples for our services in that area are:

• Staffing security architects for projects
• Execution of threat modeling activities
• Establishment of architectural security sign-offs (security gates)
• Execution of architectural workshops and coaching
• Definition of architectural security requirements & blueprints
• Secure architecture engineering (SOA/WS-Security, crypto, authentication, validation architecture, etc.)