Our approach to security operations and best practices
Secure software development
Security practices are applied at every phase of the software development life cycle:
- Security requirements are gathered at the early stage.
- Design phase identifies security risks via Threat Modelling, Attack Surface Analysis. Controls for input validation included.
- The development phase relies on frameworks that require the use of secure coding practices.
- Code is tested by someone who did not develop the source code. Automated security tests are also performed for working as expected verification.
- All security vulnerabilities are identified and patched within strict time frames which our security department monitor constantly
Operational practices
We maintain a list of our information assets and have adopted industry recommended operational security practices which align to our security certification programs.