Security

Spike Application Security

The market is evolving rapidly and every day new frameworks and new technologies are developed in order to face such changes. In virtue of this, the vulnerability types to which the web application services are exposed change too.

While the infrastructural security is well mature in virtue of existing systems and solutions able to minimize attacks against operating systems, DBMS and application server, the security level of source codes is not sufficiently suitable. The non adoption of guidelines, methodologies and best practices during the development phases, are the main reasons behind application vulnerabilities which allow a hacker to perform illegal activities and wreck havoc the core business of his victim.

Within this scenario, the “Spike Application Security” offer by Spike Reply aims at introducing a process to secure the whole software lifecycle.


The offer consists of a series of fully modular services, aiming at satisfying all the different security requirements of the various phases of a software lifecycle.

Through consolidated methodologies, like those offered by Owasp or by Microsoft, Spike Reply is able to support the Client’s software lifecycle offering the best options available on the market.

The "Spike Application Security" offer comprises a series of services, including:

  • Application architecture risk analysis: aimed at supporting the secure application infrastructure design using threat modeling;
  • Static code review: through commercial tools and open-source solutions we are able to verify the implementation of secure code writing guidelines by analyzing the application source code.
  • Secure code writing guidelines: in order to best support the developer during his daily work, we suggest to provide him with secure code writing guidelines which, with the help of contextualized examples, will help him write the most secure code.

<< back