Architecture and Design Review

Architecture and Design Review focuses on early assessment of a product’s components and features, aiming to identify potential design flaws before entering the implementation phase. Whether it’s a chip, a security device, a mobile software solution, or another security relevant component, establishing a secure foundation is crucial for the overall security of the product.

Security Code Review

Security Code Review aids in identifying security bugs in source code before they can be exploited in the field. The review is conducted in accordance with a threat model specific to the solution, paying careful attention to common vulnerabilities related to the programming language, type of product, and interfaces accessible to potential attackers. Code Review can also include identification of weaknesses in utilized cryptographic primitives and potential vulnerabilities to physical Fault Injection and Side Channel attacks.

Penetration Testing

Penetration Testing not only helps in identifying present and exploitable vulnerabilities in the product but also shows the exact path an attacker is likely to take when exploiting identified issues. This testing can be conducted in a white, gray, or black-box manner, providing the flexibility to complete the assessment without revealing sensitive intellectual property. Penetration Testing can be focused on both the software running on the device and its hardware components. Hardware Attacks include physical attack vectors that are commonly used by attackers.