Case Study: Wicket Framework Analysis Case Study: Wicket Framework Analysis

Evaluating the security benefits and drawbacks of a new technology framework.

Blog Post: Embrace new technology, only if ... Blog Post: Embrace new technology, only if ...

How to Approach Technology Adoption from a Security Perspective.

Training: SD Elements Training: SD Elements

A Repository of Technology-Based Best Practices.

Description

With new technology come new risks.

Security Compass consultants rely on a history of experience in assessing and reviewing various technologies that they have encountered in different client environments. Moreover, the majority of our consultants have a development background that allows them to obtain a deeper understanding of the application functionality and the technology underneath it when performing security assessments. All these assets have enabled Security Compass to excel in reviewing and analyzing various types of technologies from a security perspective. Most commonly, clients consult our team for analyzing a new technology that they are investigating to acquire. Our consultants initiate their technology analysis, by first performing a thorough analysis of the client's security requirements. Client requirements can be generic, best practices, or specific to their environment. The requirements elicitation phase may involve interviews with the client team and a review of their architecture. The consultants then would leverage their knowledge base and available resources to simulate the client's environment with the new technology and identify all points of strength and weakness that the technology brings about and match them against the client's requirements and ecosystem. The analysis could be at a high-level or as detailed as code-level guidelines and how-tos according to best practices. At the end of the technology analysis process, the clients are provided with a detailed analysis, as well as recommendations and conclusions with regard to the suitability of the technology for their environment and the risks that the new technology may introduce.

Meet Our Experts

  • Nima Dezhkam

    Nima Dezhkam

    Security Consultant

    Security Compass's consultants bring along a rich portfolio of software development and application security expertise that enables them to critically analyze various new or legacy technologies from the security and best practices perspective and guide the clients in their technology adoption process.

    Nima brings extensive experience in policy and standard reviews, gap analysis and application and infrastructure security architecture to his clients. Outside his day to day work, Nima co-authored the 2010 Rotman-TELUS Security Study and most recently, was the co-speaker at the 2012 Cancer Care Ontario Seminar where he spoke about Secure Development Practices.

Overview

The Technology Security Analysis service offered by Security Compass enables the organizations to identify the key strengths and weaknesses of a new technology or an existing one, based on the very specific requirements of their environment, and use the technology as recommended by best practices and security experts.

Key Business Benefit

Choosing the right technology is a key step towards supporting your business requirements in a more secure fashion. Using the right technology in the right place significantly reduces the effort needed to develop and maintain applications, and more importantly, if used according to best practices, it reduces the risk surface of your environment.

Methodology

The Security Compass's Technology Security Analysis is broken down into the following phases:

  • Requirements Analysis
  • Technology Review
  • Technology Analysis
  • Conclusions and Recommendations
  • Vulnerability Analysis (optional)

Learn more