SECURITY DESIGN AND ARCHITECTURE REVIEW

Security Architecture Review visualises your network Architecture and component configurations with respect to Industries infrastructure and security recommendation. Brisk Infosec infrastructure security is encapsulated with Network security, Web security and Mobile application security.

Brisk Infosec security team goal is to provide a robust and quality security to your organisation’s infrastructure.

  • Network Security Architecture Review
  • Mobile Security Architecture Review
  • Web application Security Architecture Review

NETWORK SECURITY ARCHITECTURE REVIEW

Network Security Architecture Review is conducting a systematic examination of the all the layers of an organisation’s network. We will examine the existing network topology and deployment of the security controls within the organisation like firewalls, IDS/IPS, network segmentation and offer recommendations to increase the effectiveness of the security controls.

MOBILE SECURITY ARCHITECTURE REVIEW

Good security decision depends on a thorough understanding of your application’s overall security posture. For a better understanding your application’s security posture, a review with your senior technical staff and front-line developers is performed by capturing the current system architecture, assess business processes, and identify critical threat agents.

WEB APPLICATION SECURITY ARCHITECTURE REVIEW

An appropriate architecture and design are needed to build a secure web application. The design and architecture review process focuses mainly on the security perspective. An architecture and design review helps you validate the security-related design features of your application before you start the development phase. This allows you to identify and fix potential vulnerabilities before they can be exploited and before the fix requires a substantial re-engineering effort.

NEED

  • You need appropriate architecture and design to build the secure web application, network and mobile application.
  • Identify the application’s attack surface and various entry points to determine the associated threats with each one.
  • Examine the security mechanisms employed by your key components such as your presentation layer, business layer, and data access layer.
  • Verify critical areas in your application, including authentication, authorization, input/data validation, exception management.

APPROACHES

The Security Design and Architecture review process is performed in the following phases:

  • Information Verification
  • Application Security Requirements Analysis
  • Deployment & Network Infrastructure Analysis
  • Application Component Analysis
  • Reporting and Communication
  • Deliverables

A typical architecture review evaluates the following key areas:

  • Security Policy
  • Disaster Recovery
  • Asset and Information Classification
  • Network Topology
  • Administration, Management and Provisioning
  • Network Controls
  • Routers and Firewalls
  • Intrusion Detection
  • VPN and Remote Access
  • Network element security
  • Identifying and designing for potential security risks in a large application is a complex task.

STANDARDS

We follow the Secure SDLC and OWASP standards.

BENEFITS

Identifies and prioritises security architecture risks and the subsequent controls and remediation opportunities

  • Gain a complete view of security posture, supporting controls and infrastructure
  • Identifies security architecture design flaws typically discovered after a security breach
  • Reduce Security Risks and Cost

FAQ

What are the areas that will be covered insure architecture and design review?
There are three important aspects to conducting an architecture and design review for security:

  • We evaluate client’s application architecture in relation to its target deployment environment and infrastructure.
  • We review your design choices in each of the key vulnerability categories defined by a security frame.
  • Finally, you conduct a tier-by-tier component analysis and examine the security mechanisms employed by your key components, such as your presentation layer, business layer, and data access layer.

What are the areas that will be evaluated in architecture and design review?
Identifying and designing for potential security risks in a large application is a complex task. A typical architecture review evaluates the following key areas:

  • Security Policy
  • Disaster Recovery
  • Asset and Information Classification
  • Network Topology
  • Administration, Management and Provisioning
  • Network Controls
  • Routers and Firewalls
  • Intrusion Detection
  • VPN and Remote Access
  • Network element security

What are the phases that will be covered?
The Following Phases  shown below  describes BriskInfosec’s Security Design and Architecture Review Process

  • Information Verification
  • Application Security Requirements Analysis
  • Deployment & Network Infrastructure Analysis
  • Application Component Analysis
  • Reporting and Communication
  • Deliverables

FLYER