appseccasestudies

Application Security Case Study

Telecom Provider Application Testing

When a large telecommunications company needed a comprehensive, repeatable process for testing the security of internally and externally developed applications they called MANDIANT. We worked with this client to create a custom application assurance package that assesses the security of an application throughout its lifecycle. Threat analysis and security architecture review were employed to identify structural threats and design flaws early in the process. A combination of automated and manual source code analysis and penetration tests were used to identify implementation bugs and other security weaknesses which may have crept in to the production system at any time between inception and deployment. Using standardized weightings for risks identified allowed results from different phases and from multiple applications to be compared and helped MANDIANT and our customer prioritize the remediation process.

Application Security Practice Description