Spacer
Home » Capabilities » Software Development » Cybersecurity

Software Development Capabilities
Security

To build secure applications, developers must first have a firm understanding of the different types of vulnerabilities and design principles specific to the application type.
 

PureThink's software developers and project managers must all be trained on application security and vulnerabilities, security design principles, and methods and tools for finding and testing these vulnerabilities.

We leverage a range of open source and proprietary tools to perform application security testing, as well as performing peer code reviews, and process reviews regularly.

OWASP principles we apply.

  • Apply defense in depth (complete mediation)
  • Use a positive security model (fail-safe defaults, minimize attack surface)
  • Fail securely
  • Run with least privilege
  • Avoid security by obscurity (open design)
  • Keep security simple (verifiable, economy of mechanism)
  • Detect intrusions (compromise recording)
  • Don’t trust infrastructure
  • Don’t trust services
  • Establish secure defaults (psychological acceptability)