Application Security & Secure Development: Secure containerised software in the cloud

In today's digital age, application security is crucial for the protection of sensitive data and systems. Our expertise in Application Security & Secure Development offers comprehensive solutions to make your software development and application architecture secure. We support you in implementing and optimising your application security strategy with customised solutions tailored to your specific requirements. Our goal is to maximise the security of your applications and protect your company from digital threats.

Establishment of secure CI/CD pipelines in accordance with the DevSecOps paradigm

The integration of security into the Continuous Integration/Continuous Deployment (CI/CD) process and the application of the DevSecOps paradigm are essential components of secure software development. We support you in establishing secure CI/CD pipelines that integrate security into the development process right from the start and help you to utilise modern methods such as DevSecOps. A secure CI/CD pipeline can include the following elements, for example:

  • Secure Coding (OWASP, CWE Top 25)
  • Dependency Checks
  • Container Scanning & Security Monitoring
  • Pre-Commit Hooks
  • Security Source Code Scanning (SAST)
  • Dynamic Testing, Vulnerability Scanning and Fuzzing (DAST)
  • IaC Security Scanning
  • Deployment Hardening and Secure Configuration
  • Keys and Secrets Management
  • Compliance as Code
  • SIEM, Logging & Monitoring
  • CSPM, CNAPP (more on this below)

Secure CI/CD Pipeline DevSecOps

Container & Kubernetes Security

Container Security deals with the security of containers and the associated technologies. Containers are a form of software virtualisation that enables applications and their dependencies to be packaged and executed in isolated and portable units. Containers offer many advantages for the development, deployment and operation of software, such as scalability, flexibility, efficiency and consistency. However, containers also bring new security challenges, such as:

  • The increased attack surface due to the large number of containers that communicate and interact at different levels
  • The rapid change and updating of containers, which requires continuous monitoring and adaptation of security measures
  • The complexity and heterogeneity of container environments, which consist of various components such as hosts, orchestration tools, registries, networks, storage and applications
  • The dependency on third-party code that may contain security vulnerabilities or malware

To overcome these challenges, we offer to help you improve your container security. We support you in implementing best practices and standards for the security of containers and the associated technologies. We help you to utilise modern procedures and tools that increase your container security. These include, for example:

  • CVE & Vulnerability Monitoring: We carry out regular scans and analyses of your containers and their components in order to identify and eliminate potential vulnerabilities or susceptibilities. We use the Common Vulnerabilities and Exposures (CVE) database, which contains a list of known vulnerabilities, as well as other sources and methods. We inform you about the risks and the effects of the vulnerabilities found and give you specific recommendations for eliminating or minimising these vulnerabilities.
  • Runtime Protection: We protect your containers during their execution by monitoring and controlling their activities and behaviour. We use Runtime Application Self-Protection (RASP) tools that are integrated into the containers and can recognise and prevent attacks. We define security guidelines and rules for you that determine the expected and permitted behaviour of your containers. We block or alert you to any deviations or anomalies that could indicate an attack or compromise.

Bug Bounty Program

A bug bounty programme can be an effective tool to identify security vulnerabilities in applications. We help you set up and manage bug bounty programmes to benefit from the expertise of a global community of security researchers. In addition, we support you in implementing Security.txt according to RFC 9116, which is a standardised format to provide security researchers with important information on how to report security issues in your web presence. Setting up a Security.txt is an important step in facilitating and encouraging communication between your organisation and the security community, which in turn increases efficiency in identifying and fixing security vulnerabilities.
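As an added example (not code from the page or from the consultancy it describes), the following checks a security.txt file against the structural rules of RFC 9116 as listed there: field names are case-insensitive, at least one Contact is required, Expires must appear exactly once and hold an RFC 3339 date-time that has not passed, Preferred-Languages may appear at most once, and lines starting with `#` are comments. The sample file is constructed; `example.com` is a reserved documentation domain.

```python
"""Validator for a security.txt file per RFC 9116 (added example)."""
from datetime import datetime, timezone

# Field name -> (required, may repeat), as defined in RFC 9116
FIELDS = {
    "Contact": (True, True),
    "Expires": (True, False),
    "Encryption": (False, True),
    "Acknowledgments": (False, True),
    "Preferred-Languages": (False, False),
    "Canonical": (False, True),
    "Policy": (False, True),
    "Hiring": (False, True),
    "CSAF": (False, True),
}
CANONICAL_NAME = {name.lower(): name for name in FIELDS}


def parse_security_txt(text):
    """Return {field name: [values...]}, ignoring comments and blank lines."""
    fields = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if ":" not in line:
            raise ValueError(f"line {lineno}: expected 'Field: value'")
        name, value = line.split(":", 1)
        # Field names are case-insensitive; normalise to the RFC's spelling
        name = CANONICAL_NAME.get(name.strip().lower(), name.strip())
        fields.setdefault(name, []).append(value.strip())
    return fields


def validate_security_txt(text, now=None):
    """Return a list of problems; an empty list means the file passes."""
    now = now or datetime.now(timezone.utc)
    try:
        fields = parse_security_txt(text)
    except ValueError as err:
        return [str(err)]

    problems = []
    for name, (required, may_repeat) in FIELDS.items():
        count = len(fields.get(name, []))
        if required and count == 0:
            problems.append(f"missing required field {name}")
        if not may_repeat and count > 1:
            problems.append(f"{name} must not appear more than once")
    for name in fields:
        if name not in FIELDS:
            # The RFC permits extension fields; flag them for a human to review
            problems.append(f"field {name} is not defined by RFC 9116; review it")

    for value in fields.get("Contact", []):
        # The RFC requires a URI; https:, mailto: and tel: are the usual schemes
        if not value.startswith(("https://", "mailto:", "tel:")):
            problems.append(f"Contact is not an https/mailto/tel URI: {value}")

    for value in fields.get("Expires", [])[:1]:
        try:
            expires = datetime.fromisoformat(value.replace("Z", "+00:00"))
        except ValueError:
            problems.append(f"Expires is not an RFC 3339 date-time: {value}")
            continue
        if expires.tzinfo is None:
            problems.append("Expires must include a UTC offset")
        elif expires <= now:
            problems.append("Expires has passed; researchers should treat the file as stale")
    return problems


# Constructed sample file, not a real organisation's security.txt
VALID_EXAMPLE = """\
# Constructed sample
Contact: mailto:security@example.com
Contact: https://example.com/security/report
Expires: 2030-01-01T00:00:00Z
Preferred-Languages: en, de
Canonical: https://example.com/.well-known/security.txt
Policy: https://example.com/security/policy
"""

# Same file with an Expires date that has already passed
STALE_EXAMPLE = VALID_EXAMPLE.replace("2030-", "2020-")

if __name__ == "__main__":
    for label, sample in (("valid", VALID_EXAMPLE), ("stale", STALE_EXAMPLE)):
        print(label, validate_security_txt(sample) or "OK")
```

The validator only checks file contents; the RFC additionally expects the file to be served at `/.well-known/security.txt` over HTTPS, and an expired Expires date is the most common way a published file quietly stops being trustworthy, so the check is worth wiring into a scheduled job.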

Bug Bounty Programme Process

DAST, SAST, IAST

We offer Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST) and Interactive Application Security Testing (IAST) to effectively identify and fix security vulnerabilities in your web applications and services. These methods enable a comprehensive security check of your applications.

Secure Coding Workshops & Guidelines

In addition to creating development guidelines for secure software development, we also offer workshops and coaching. These workshops are designed to train your team in secure software development practices. Our guidelines and training are based on international standards such as the OWASP Top 10, OWASP ASVS and CWE and are customised to integrate best practices into the technologies you use.

CNAPP (Cloud Native Application Protection Platform) & CSPM (Cloud Security Posture Management)

In the cloud environment, it is crucial to implement a comprehensive security strategy. CNAPP and CSPM are key components to ensure the security and compliance of your cloud infrastructure. CNAPP provides a holistic security solution for cloud-native applications by combining security management, threat detection and data protection in one platform. CSPM, on the other hand, focuses on monitoring and managing security configurations in the cloud to identify and resolve misconfigurations and compliance violations. We support you in the implementation and optimisation of CNAPP and CSPM to comprehensively protect your cloud applications and services.

Development of security requirements and threat modelling according to STRIDE

Every in-house development and outsourcing project starts with security requirements. We support you in defining appropriate and customised security requirements for your applications. This can be relevant for both in-house development and outsourced development and should be included in every requirement and functional specification as well as in the contractual arrangements.

Threat modelling according to STRIDE is a method of threat analysis for identifying risks and attack vectors. First, the application landscape, including the underlying IT infrastructure, is modelled using the element types process, data store, data flow, external entity and trust boundary. This can be done at the technical level and on several hierarchical levels, or in a use case/misuse case-oriented manner. The STRIDE threats are then mapped onto the entire data flow diagram, specified in the technological context and broken down into sub-threats (e.g. the threat spoofing, the S of STRIDE, becomes a password brute-forcing attack at login).

The aim of threat modelling is to define mitigation measures and thus enrich the architecture with security controls; in the login example, these would be CAPTCHAs and throttling at login. Threat modelling as a whole is therefore an excellent method for systematically and completely identifying and securing all risks in an application architecture and IT landscape. Without threat modelling, it is almost impossible for a security architect to identify ALL risks and take measures; in that case only past experience is drawn on, and measures are put in place only incompletely.

Threat Modeling

STRIDE categorisation of threats

  • Spoofing: The attacker spoofs a user, a system, a process etc., i.e. pretends to be a different entity. Mitigation measures fall into the authentication category.
  • Tampering: The attacker manipulates a data flow, data, a process etc. Mitigation measures fall into the encryption / integrity check / input validation category.
  • Repudiation: The attacker carries out their actions unnoticed. Measures fall into the logging, monitoring and intrusion detection category.
  • Information disclosure: The attacker gains unauthorised access to sensitive information. Extensive measures are necessary, e.g. secure error handling, encryption, hardening.
  • Denial of service: The attacker paralyses the system. Extensive measures are required, e.g. hardening, DDoS protection mechanisms, secure programming.
  • Elevation of privilege: The attacker gains more rights than they are actually entitled to. Measures fall into the authorisation category, following the least privilege principle.
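The modelling steps above (element types, STRIDE mapping, technology-specific sub-threats, mitigation categories) can be carried out mechanically for the data flow diagram, which is what the following added example does. It is not the page's own method or a tool it uses: the five element types are the ones named on the page and the mitigation categories are taken from the STRIDE list above, while the table of which STRIDE letters apply to which element type is the conventional STRIDE-per-element mapping and is an assumption not stated on the page. The model (browser, login service, user database and the flows between them) is constructed for illustration.

```python
"""STRIDE-per-element threat enumeration over a small data-flow diagram (added example)."""
from dataclasses import dataclass

# Assumed conventional mapping: which threat categories apply to each element type
STRIDE_PER_ELEMENT = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}

# Threat name and mitigation category per STRIDE letter, as in the list on the page
CATEGORY = {
    "S": ("Spoofing", "authentication"),
    "T": ("Tampering", "encryption / integrity check / input validation"),
    "R": ("Repudiation", "logging, monitoring, intrusion detection"),
    "I": ("Information disclosure", "secure error handling, encryption, hardening"),
    "D": ("Denial of service", "hardening, DDoS protection, secure programming"),
    "E": ("Elevation of privilege", "authorisation by least privilege"),
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str   # "process", "data_store" or "external_entity"
    zone: str   # trust zone; a flow between two zones crosses a trust boundary


@dataclass(frozen=True)
class Flow:
    name: str
    src: Element
    dst: Element
    kind: str = "data_flow"

    @property
    def crosses_trust_boundary(self):
        return self.src.zone != self.dst.zone


def enumerate_threats(elements, flows, refinements=None):
    """Map every applicable STRIDE category onto every element of the diagram.

    refinements: {(element name, letter): (sub-threat, [extra mitigations])}
    supplies the technology-specific sub-threats and controls for a given element.
    """
    refinements = refinements or {}
    threats = []
    for el in [*elements, *flows]:
        crosses = isinstance(el, Flow) and el.crosses_trust_boundary
        for letter in STRIDE_PER_ELEMENT[el.kind]:
            threat, mitigation = CATEGORY[letter]
            sub_threat, extra = refinements.get((el.name, letter), (None, []))
            threats.append({
                "element": el.name,
                "kind": el.kind,
                "threat": threat,
                "crosses_trust_boundary": crosses,
                "sub_threat": sub_threat,
                "mitigations": [mitigation, *extra],
            })
    return threats


# Constructed model: browser on the internet -> login service in a DMZ -> internal user database
USER = Element("Customer browser", "external_entity", "internet")
LOGIN = Element("Login service", "process", "dmz")
USER_DB = Element("User database", "data_store", "internal")
FLOWS = [Flow("credentials", USER, LOGIN), Flow("credential lookup", LOGIN, USER_DB)]

# The page's worked sub-threat: a user is spoofed via password brute forcing at login,
# mitigated by CAPTCHAs and throttling on top of the generic authentication controls
REFINEMENTS = {
    ("Customer browser", "S"): ("password brute forcing at login", ["CAPTCHA", "login throttling"]),
}


def login_model_threats():
    return enumerate_threats([USER, LOGIN, USER_DB], FLOWS, REFINEMENTS)


if __name__ == "__main__":
    for t in login_model_threats():
        flag = " [crosses trust boundary]" if t["crosses_trust_boundary"] else ""
        detail = f" -> {t['sub_threat']}" if t["sub_threat"] else ""
        print(f"{t['element']:<18} {t['threat']:<24}{detail}{flag}; "
              f"mitigate via {', '.join(t['mitigations'])}")
```

Both flows in this model cross a trust boundary, which is exactly where a reviewer would prioritise the tampering and information-disclosure entries; every remaining entry without a refinement is an open question the workshop still has to answer, so the unrefined rows double as a completeness checklist.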

Possible applications

The possible applications of Security Requirements Engineering & Threat Modelling according to STRIDE are diverse and can be used for various purposes and scenarios. Some examples are:

  • Risk analysis according to ISO 27001 / ISO 80001 / ISO 27034: Security Requirements Engineering & Threat Modelling according to STRIDE can be used to define the security objectives, controls and measures that comply with these standards. This allows you to identify, assess and address potential threats that could jeopardise the security of information, products or applications.
  • Analysis of a (cloud-based) application architecture: Security Requirements Engineering & Threat Modelling according to STRIDE can be used to analyse and improve the security aspects of an application architecture. The attack surface, vulnerabilities, dependencies and protection mechanisms of an application or system can be examined and optimised. This applies in particular to cloud-based applications or systems that are exposed to particular security challenges, such as multi-tenancy, scalability, data processing or compliance.
  • Recording of attack vectors and support in determining the scope of a penetration test: Security Requirements Engineering & Threat Modelling according to STRIDE can be used to capture and support the attack vectors and the scope of a penetration test. The possible entry points, targets, scenarios and techniques of an attack can be defined and prioritised. This helps to determine and limit the scope and depth of a penetration test, as well as to evaluate and document the results and recommendations.
  • Cloud Migration Projects: Security Requirements Engineering & Threat Modelling according to STRIDE can be used to consider and ensure the security aspects of a cloud migration project. The security requirements, risks and measures for the source and target environments can be analysed and compared. This helps to identify and address the security gaps, challenges and best practices for a successful and secure cloud migration.

Secure Source Code Review

As part of the security code review, an automated and manual security source code review is carried out for security-relevant areas to identify security vulnerabilities.

The automated test is not restricted and is performed on the entire code. A manual review is carried out both on the findings from the automated tests, to identify and exclude false positives, and on security-critical code areas of the application.

  • Automated code reviews
  • Quality assurance of the findings, exclusion of false positives
  • Manual code reviews for security-critical code locations

Automatic security code review

Firstly, the software is onboarded in suitable security code scanners. The scans are then started, followed by analysing and cleaning up the results. 

The scanners used are currently regarded as the standard for automatic security checks of source code. They deliver good to very good performance in detecting simple technical security vulnerabilities. However, the detection rate in the area of complex or functional security vulnerabilities (e.g. authorisation assignment during login) is significantly worse than for technical security vulnerabilities (e.g. use of vulnerable methods). The automatically identified security vulnerabilities are therefore subsequently quality-assured and adjusted for false positives. During this process, a manual review is carried out, as the code areas surrounding the automatic findings are also analysed manually.

Manual security code review

As part of the manual security code review, selected security-relevant code areas are checked manually according to the international CWE standard in order to identify typical implementation errors such as the following:

  • Input validation (blacklisting/whitelisting)
  • SQL injection
  • OS command injection
  • Buffer overflow
  • Cross-site scripting
  • Strong authentication
  • Use of cryptography
  • Access control
  • Unrestricted upload
  • Cross-site request forgery
  • Error handling
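To make two of the checklist items concrete, here is an added example (not code from the page or from the consultancy) showing the SQL injection pattern an automatic scanner flags, string concatenation into a query, next to the parameterised form a manual reviewer would ask for, plus an allowlist check for the one case placeholders cannot cover, a column name. It uses Python's standard-library `sqlite3` with an in-memory database and constructed rows.

```python
"""SQL injection: flagged pattern beside the hardened form (added example)."""
import sqlite3


def make_db():
    """In-memory database with two constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn


def find_user_vulnerable(conn, username):
    # BAD (CWE-89): the caller's input is spliced into the statement text,
    # so a quote character in the input changes the query's logic
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def find_user_hardened(conn, username):
    # GOOD: a placeholder keeps the input as a bound value whatever it contains
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Identifiers (column names) cannot be bound as parameters, so validate them
# against an allowlist rather than a denylist of "dangerous" characters
ALLOWED_SORT_COLUMNS = {"username", "role"}


def list_users_sorted(conn, column):
    if column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unexpected sort column: {column!r}")
    return conn.execute(f"SELECT username, role FROM users ORDER BY {column}").fetchall()


if __name__ == "__main__":
    conn = make_db()
    probe = "' OR '1'='1"    # classic textbook input that breaks out of the quoted literal
    print("vulnerable:", find_user_vulnerable(conn, probe))   # returns every row
    print("hardened:  ", find_user_hardened(conn, probe))     # returns nothing
    print("sorted:    ", list_users_sorted(conn, "role"))
```

The vulnerable function is what a scanner reports and a reviewer confirms; the hardened function has the same shape, which is why the fix is usually mechanical once found. The allowlist in `list_users_sorted` is the whitelisting approach from the first checklist item, applied where parameterisation is not available.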

Customised security concepts according to established standards

The topics on this entire page are brought together into a holistic, customised security concept in accordance with established standards. We are guided by recognised standards such as BSI IT-Grundschutz, OWASP and CIS to ensure that your security strategies are not only comprehensive but also aligned with the latest best practices. These customised concepts enable us to develop a security architecture that is specifically tailored to the needs and requirements of your company.
