Security is critical to everything we do at Software Solved.
We include the following activities as standard with every project that we work on.
Secure Coding Guidelines
Our developers follow our secure coding guidelines, which form part of our code review process, and we run regular developer training in secure coding. These are based on industry best practice and the OWASP Top 10.
Security requirements are identified as part of the project discovery phase.
Baseline Security Checks
We perform baseline security checks for significant web application releases, or when new URLs are deployed.
Independent Penetration Testing
We can engage third-party independent penetration testers and help plan the resolution of any issues that they raise. If you would like us to engage penetration testers, we have partners that we use regularly and can advise on the associated costs of these activities.
Server and Software Patching
We carry out server and software patching for our hosting and support services.
Health checks include analysis of authentication, authorisation, up-to-date software components and libraries, and common security vulnerabilities.
We control who within Software Solved has access to your systems and data, using a least-privilege principle.
Restriction of Information
Project information is also restricted to only the project team working with you.
We perform regular risk assessments and mitigation as part of our ISO 27001 information security management system.