1. Understand the Requirements
The security requirements of a product drive how resistant a product should be against attacks. Before we evaluate the security of a product, we aim to have a good understanding of its security requirements. In case the security requirements have not yet been specified, we work with the customer to define the desired security level for the product.