AppCurity Secure Software Development LifeCycle

Overall Risk Reduction: 5%, 5%, 7.5%, 20%, 20%, 12.5%, 7.5%, 5%, 2.5%

Vulnerability Management

Business Requirements

Analysis

Design

Development

Quality Assurance (Q/A)

Pre-Production

Web Application Penetration Testing (WAPT)

Production

Post Production

Application Security Requirements (ASR)

Application Security Standards

Application Security Policies and Procedures

Application Security Process Integration

Risk Analysis (RA)

Application Security Architecture (ASA)

Threat Modeling (TM)

Code Review (CR)

Static Application Security Testing (SAST)

Secure Coding Guidelines (SCG)

Enterprise Security API (ESAPI)

Dynamic Application Security Testing (DAST)

Vulnerability Remediation

Validation Testing

Security Configuration

Verification & Certification

Incident Response (IR)

Web Application Firewall (WAF)

Security Monitoring

Production Application Security Testing (Non-Invasive)

Application Security Metrics Dashboarding

Security Compliance [ex. PCI] (SC 5%)

Security Training (ST 5%)

Risk Assessment (RA 5%)