Security Framework in the Software Development Life Cycle¶
Security framework |
Software development life cycle | |||
| Ideation and design | Development of software | Quality assurance | Release | |
| Collaborate and brainstorm to identify the possible security flaws and loopholes. | Develop business logic for the new features and security improvements and test the logic for sanity. | Integrate the newly developed modules into the code and perform penetration testing to identify and rectify vulnerabilities. | Run security assessment to identify further areas of improvement for future releases. | |
| Prepare an action plan taking into account the different flaws and loopholes identified in the brainstorm session along with difficulties faced by users in previous releases, and security recommendations by penetration testing partners. | Continuously test the newly added features and modules to check whether the intended purpose of each feature and module is satisfied. | Continuous sanity testing to ensure the core functionalities of the product are working as intended after integration of newly developed features and modules. | Run continuous penetration testing activities through partners for identification and timely response to identified vulnerabilities in the product after release. | |
| Fabricate a design framework and a prototype including all the changes, updates, and security fixes and submit it to the change management team for approval. | Check and verify whether all the third-party libraries used in the product are free from known vulnerabilities before incorporation. | |||
Our development repositories are secured through https protocol and are subjected to strict authentication and access controls. The Securden engineering team works tightly with the security and quality assurance team to identify, address, and prevent vulnerabilities in the product before and after release.
The team partners and collaborates with third party penetration testing teams to identify areas of improvement and obtains suggestions to improve our security posture.
Apart from the security measures mentioned above, the engineering team and quality assurance team work tirelessly to make the application as secure as possible. The sections below explain the different measures undertaken to ensure the security and sanity of Securden Unified PAM SaaS.