Security Risk Analysis
- Security Risk Analysis (SRA) will be performed aligning with:
- Authentication, Authorization,
- Data Protection,
- User Access Entitlements,
- Logging and Monitoring,
- Key & Certificate Management,
- Data Resiliency,
- Technology Stack - Framework,
- OSS - Open Source Software & libraries
- Risk Assessment Report Creation
- Risk Remediation Strategies
- Risk Acceptance & Risk Exception process workflows
Threat modelling
Security Architecture
- Threat modelling
- Application design review and validation
- Endpoint security Architect review
- Network Security design review
Attack surface Management
- Secure code design and Review (Manual)
- SSDLC
- SAST
- DAST
- Pentest
- Vulnerability assessment
Security awareness training
- Cybersecurity training for all employees
- Promote awareness of phishing and social engineering attacks
- Technology for SSDLC training
- Development Team Security Training: Train developers and teams on secure development practices and potential risks.
Third-Party Security: if documents exist
- Security baseline Document for security architect
- Security Policies and Procedures
- A process will be defined and SMEs will be trained