Have we gone through a process of certification of IFS Applications against some of the Security Standards like ISO/IEC 27034
Pieter,
IFS implements a product security program based on ISO 27034 principles. Security is part of our Software Development Lifecycle model AQUA. This is realized through Security Development Practices, Security Architecture, Base Security Controls and Incident Management and Vulnerability Disclosure processes. Our Base Security Controls follow OWASP Top 10 industry best-practice recommendations. Internal security testing is done both through automated tools, manual testing as well as through regular 3rd party audits (Penetration Tests). IFS monitors the process maturity and targeted level of trust through utilization of OWASP Software Assurance Maturity Model (SAMM).
Regards,
Antony
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.