Strengthen the SSDLC for Enterprise Mobile Applications

Where is there is code, there are vulnerabilities.

Onsite Workshop

Not developing your mobile apps for high security can risk:

Developers being frustrated with spending significant time to refactor code after releasing it to production.
End users who are frustrated with inconsistent or unacceptable application experiences.
Application runtime issues due to malicious attacks.

Implementing a standard optimization toolkit will enable your organization to:

Consistently develop highly secure mobile applications as it relates to the SSDLC.
Increase the quality of your business applications by ensuring the integrity of critical enterprise data.

The Purpose

Identification of the triggers of your secure mobile development initiatives.
Assessment of the security vulnerabilities in your mobile applications from an end-user perspective.
Identification of the execution of your mobile environment.
Assessment of the mobile threats and vulnerabilities to your systems architecture.
Prioritization of your mobile threats.
Creation of your risk register.

Key Benefits Achieved

Key opportunity areas where a secure development optimization initiative can provide tangible benefits.
Identification of security requirements.
Prioritized list of security threats.
Initial mobile security risk register created.

Activities:		Outputs:
1.1	Establish the triggers of your secure mobile development initiatives.	Mobile Application High-Level Design Requirements Document
1.2	Assess the security vulnerabilities in your mobile applications from an end-user perspective.	Systems Architecture Diagram
1.3	Understand the execution of your mobile environment with a systems architecture.
1.4	Assess the mobile threats and vulnerabilities to your systems architecture.
1.5	Prioritize your mobile threats.
1.6	Begin building your risk register.

The Purpose

Discovery of secure development techniques to apply to current development practices.
Discovery of new user stories from applying secure development techniques.
Discovery of new test cases from applying secure development techniques.

Key Benefits Achieved

Areas within your code that can be optimized for improving mobile application security.
New user stories created in relation to mitigation steps.
New test cases created in relation to mitigation steps.

Activities:		Outputs:
2.1	Gauge the state of your secure mobile development practices.
2.2	Identify the appropriate techniques to fill gaps.	Mobile Application High-Level Design Requirements Document
2.3	Develop user stories from security development gaps identified.
2.4	Develop test cases from user story gaps identified.

The Purpose

Identification of key metrics used to measure mobile application security issues.
Identification of secure mobile application and development process optimization initiatives.
Identification of enablers and blockers of your mobile security optimization.

Key Benefits Achieved

Metrics for measuring application security.
Modified triaging process for addressing security issues.
Initiatives for development optimization.
Enablers and blockers identified for mobile security optimization initiatives.
Process for developing your mobile optimization roadmap.

Activities:		Outputs:
3.1	List the metrics that would be gathered to assess the success of your mobile security optimization.
3.2	Adjust and modify your triaging process to enhance handling of security issues.
3.3	Brainstorm secure mobile application and development process optimization initiatives.	Mobile Optimization Roadmap
3.4	Identify the enablers and blockers of your mobile security optimization.
3.5	Define your mobile security optimization roadmap.

GET HELP Contact Us

×

VL Methodology