Secure Architecture Consulting
Assessing risks and drafting a secure solution architecture minimizes attack surface, enables focused investments and reduces cost.
Investing time and resources at an early stage in performing relevant risk assessments, drafting secure architecture blueprints and validating the security concepts for a solution saves resources and reduces double efforts in the long run. Fixing insecure system architecture decisions and adapting incomplete security concepts often generate high costs, especially if the service or systems are already live/in production. Changes which in the implementation phase can be made in one meeting or require a few hours of rework, result in production into months of planning and migration efforts. In our experience, an recurring issue is the misunderstanding of security boundary layers. For example, does the OS virtualization layer represent a security boundary or does the SAP NetWeaver Client (Mandant) segregation in different clients represent a security boundary layer?
We help enterprises identify security risks and solution architecture issues early in the planning phase. Together with our customers, the operations teams and the security officer we review architecture blueprints and solution security concepts and apply cost-effective relevant mitigation solutions to identified issues.