Secure Development Model
Flexible and Modular Framework to Improve and Build Secure Software
Software systems today confront a greatly increased level of security risk. As network security defenses have matured, the intruder community has refocused its efforts onto targeting software and firmware applications directly.
Despite sophisticated development methodologies, most software is developed on the basis of practices and standards that are not well attuned to meeting these increased security requirements. As a result, the rate of security vulnerabilities in software products and embedded systems is rising rapidly. Software developers and their managers generally do not have an educational background in secure software architecture, secure software implementation practices, software security testing, or any of the other security-sensitive processes at each stage of the software development lifecycle. Attempt to bootstrap to a high level of capability in secure software development is arduous and time-consuming.
In addition, software and application security risks directly impact compliance with legislative and regulatory frameworks including SOX, Bill 198, NERC, and PCI, as well as representing potential immediate risk to the enterprise.
Through the Secure Development Model (SDM), TELUS provides licensable intellectual property, developer training, and consulting services that greatly accelerate a software development organization's adoption of best practices for secure development, across all stages of the software development lifecycle. Implementation of the TELUS SDM helps organizations to realize improved product security, fewer product security flaws, reduced development costs, and accelerated time-to-market.
- Over 50 licensable Intellectual Property (IP) documents including secure development standards, practices, processes and training materials.
- Materials may be licensed as a complete set, or in one or more of the following modules:
- Security Requirements Capture and Specification Processes Module
- Secure Software Architecture Processes Module
- Secure Implementation Practices Module
- Peer Review and Security Testing Practices Module
- Secure Deployment, Maintenance, and Incident Management Practices Module
- Consulting services
For information or to order
Call your TELUS account executive
Request a quote or callback