Threat Modeling

Objective of the Threat Modelling exercise is to provide guidance to testers, reviewers and software designers on understanding the possible threats from different attack vectors and to apply the applicable controls within the application code and configuration files to secure their application against those threats.


Code Review

During this phase, the application is reviewed on three levels, the input from the previous phase (application threat modeling) will be the main source in addition to the provided source code.


Reviewing SDLC Process

Our team evaluates your Current Software Development Life Cycle (SDLC) for conformance to standard requirements based on SAMM strategic, tactical, and operational requirements. ZINAD’s consultant will assess your current SDLC for "re-usability", in order to not "re-invent the wheel". This assessment serves as a foundation for enhancing SDLC.


Training Sessions

ZINAD will deliver secure development training sessions for software developers. This training will use the results of the code review project to focus on the real problems facing the developers.