Search

Secure development support solutions to achieve a robust security result for your innovation

Click here to start a conversation with us

Our heritage makes us a strong secure development partner

Since 2001, Riscure has been at the forefront of creating new methods to evaluate the security of embedded and connected devices.  Our analysts are among the best globally and continue to research challenges with security while they work at Riscure.  At the same time, analysts work on hundreds of projects, enabling you to tap into an unparalelled experience base.

Riscure also continuously develops tooling and training to enable you to “help yourself” during development, whenever tooling or internal resources could in fact replace manual effort by a third party.

Secure development services we offer

  • Embedding security expertise in your development team (posting)

    Our security analysts are among the best in the world and an outstanding added value to your development team as they aim to achieve a robust security result.  From requirements design, to secure coding support and all the way to final verification, our embedded experts will drive a better result, faster!  Ask us how we can bring the best support to your development team.

  • Security Canvas workshop

    Enable your development team to start security by design in a war-games like setting with one of our analysts.  Objective of the service is to have your team think through assets to protect, attacker profile, threat models and a series of attack trees which will help guide development. More information here.

  • Security requirements design

    We have extensive experience with security requirements design for both schemes and vendors.  Create crystal clarity for your and your supply chain 3rd party development teams around the security result you are aiming for.

  • Supplier selection

    What is the most secure solution? You know you want to integrate a third party offer in your device, but are not sure which of the options is the best or most relevant choice?  Let our team test through the options and demonstrate pros and cons of each, so you can make the best choice.

  • Architecture (design) review

    Solve security problems early and avoid the massive costs (sometimes 1000x) of fixes late in development.  Our analysts review your proposed architecture or design and will be able to point out weaknesses, so you can fix them before development gets too far along.

  • Code review

    As part of our devops offer, we can sync up our Software VA (vulnerability analysis) team and your software development team to spot code vulnerabilities and enable your team to course correct during development.   Our IDE intergation tool will allow teams to collaborate effectively around the diagnostic findings.  More on Vulnerability analysis.

  • Secure integration support

    One of the most critical challenges to obtain a secure end result is the integration of a variety of components as well as hardware, software, drivers and applications.  Our analysts often see critical errors in that area and can assist you in avoiding mistakes.

  • Penetration testing

    Test your device or solution in a white box or black box setting against the security requirements you have set for yourself.  This can be a pre-test to certification or simply a test against your own specs. More on the seven steps of a security evaluation.  More on test techniques.

  • Secure development knowledge transfer

    How to spot and test for hardware and software vulnerabilities.  How to protect secure boot.  How to avoid common (in)secure coding mistakes… Riscure Training Academy provides both public as well as custom training options to step-change your capabilities.  More on Training Academy.

  • Riscure Assurance Program

    Riscure provides you with the opportunity to evaluate your device or solution against a set of requirements and, upon passing evaluation and penetration testing, receiving a Riscure Assurance certificate for the specific category of device.  This enables you to demonstrate security performance of your solution towards your own client, without having to resort to handing over a security evaluation report including a large amount of potentially IP sensitive information.

  • Company lab support for SCA and FI

    Our well-trained analysts are at your disposal for on-site assistance to help you get the most out of your use of SCA and FI tooling.

More information

By continuing to browse this website, you agree to our use of cookies. Close