Security cannot be added to software after it has been built. Security begins with a clear understanding of the needs of the software application and is embodied into the software through an appropriate architecture, design, skilled implementation and verification process. This is known as a Secure Software Development Life Cycle, an SSDLC.
All the software that we develop is developed in compliance with ISO27001:2013 and is resistant to the OWASP Top 10 attacks. We penetration test our software as part of system testing and are often tested by third party security companies as part of our customer’s acceptance testing. We hold CISSP, CISM and CSSLP certifications as well as ISO9001, ISO27001 and Cyber Essentials Certification as proof of our commitment to security.
The image below shows our SSDLC.