Implementation of IT Security Concepts

IT security concepts in companies, whether SMEs or corporations, are an essential part. Every software needs to be tested for various attack vectors. From a corporate perspective, it is generally important that a software integrates smoothly into the IT architecture of a company and meets the needs of the respective security concept.

WIAM strives to align the software in general accordance with ISO / IEC 27002 which establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in a company including best Security and addresses the following points in accordance:

 

  • Information security measures and management processes
  • Organizational Security
  • Asset and HR Security
  • Network and operating safety
  • Access control
  • System development and maintenance
  • Security incident management and emergency preparedness plan
  • Compliance

Having acquired vast experience and capabilities during years of experience, WIAM supports companies in integrating the software into the IT security environment of the company and consequently, provides the following measures

 

  • Protection of data security and confidentiality
  • Code/ ID & architecture reviews
  • Description of manual test cases and programming of automated tests, e.g. in HPQC, ALM
  • Checks software and company-specific software to IT standards
  • Software Performance and application load testing, i.e. with HP LoadRunner
  • Vulnerability scans for automated checks of application and protocol weaknesses
  • Penetration tests for manual planning of external attacks, cross-site scripting, session hijacking, and much more


Back