Brainspire Solutions develops all software solutions leveraging industry standard best practices. This includes proven techniques to secure all applications and data. When we engage with each client we are fully aware that their business is at stake and realize the trust and expectations that are placed on our consultants when it comes to developing secure software applications.
From the time we begin speaking with a customer about their application needs, we include conversations about the security requirements necessary to deliver a successful solution. Our SDLC constantly puts emphasis on ensuring that the appropriate level of security is in place throughout the project. We’re always looking for potential holes. This not only includes reviewing the architecture and code, but reviewing the human elements, policies and processes that can create security gaps, as most breaches occur because of human carelessness and end users not following the security protocols that are put in place.
Developing secure software within the enterprise requires the proper architecture from the very beginning. It can be difficult to enforce security with code throughout an application when the foundational level architecture is flawed or open to attacks. This can be especially true when integrating with other 3rd party applications. It is for this reason that multi-level security must be reviewed from the very beginning when designing an application.
Brainspire’s consultants are classically trained and mentored throughout their career and typically hold Computer Science or MIS Degrees. Brainspire’s culture is based on constant learning and best practices, with ongoing code reviews and retrospectives on our development processes. We are constantly challenging each other to improve and have built a culture where giving and receiving constructive criticism is expected.
Software can and will function at a basic level, even if it is not designed or developed very well. Much of Brainspire’s portfolio of work is enhancing or rewriting legacy software applications, and it’s usually clear when the base code we inherit wasn’t planned or designed well from the very beginning. This includes security. Our experts can detect when security was an afterthought, and it makes retrofitting an application to make it secure difficult at times. Brainspire designs and develops software with advanced security as a critical requirement from the very beginning.
Brainspire Solutions is a custom software development firm. We build secure software applications leveraging best practices and industry standards. While we certainly test the code we build and put into production, we are not a security or penetration testing company. It is a best practice to leverage a separate 3rd party firm to perform penetration testing. The most objective way to find security gaps is to have an unbiased and trained 3rd party review the code and attempt to hack the solution - early and often.
We have partnered with a number of 3rd party penetration testing companies at various points in a project. Dedicated security testing firms review and see many more breaches and attempted attacks than our team does. They will have a wider and deeper base of knowledge when it comes to security. We appreciate their recommendations, which make us better project after project. It is simply another best practice to have an unbiased review of the architecture and code.
Working closely with security review firms and penetration testing companies, Brainspire has been engaged by a number of clients to fix uncovered security gaps in the architecture and code.
It’s not uncommon for organizations to have 3rd party security and penetration testing completed on a routine basis, at least annually. Typically when a security audit is performed or when penetration testing is completed, there will be a number of issues that need to be fixed. These fixes can be simple or they can be more complex. And it doesn’t necessarily mean an application is unsecured if potential vulnerabilities are found as the techniques of hackers are constantly evolving.
Penetration testing companies generally do not provide software development services to fix the problems or the potential issues they uncover. They only identify the issues. We have a symbiotic relationship with security / penetration testing companies for this reason. Brainspire fixes all identified software security vulnerabilities in your critical applications with proof the issue has been resolved.