Toreon is on a mission to improve the security of applications in order to create trust in our digital society.
We do this by helping our clients program better and more securely.
Our preferred way of working, is to have a long term commitment with our clients and to help them get better at security, to transfer knowledge and increase the security maturity level of their teams.
We do this through focused solution offerings, coaching and training.
With an appsec subscription, you get access to all of the Toreon application security knowledge.
An appsec subscription is a long-term partnership. We commit to increasing the security maturity of your software development team by providing security services that improve the whole Software Development Lifecycle (SDLC).
We start by appointing security champions in your teams. They get coached and trained to be able to promote security on a day-to-day basis.
Furthermore, we provide all the additional expert knowledge as needed, to make sure your development efforts are secure.
This may include:
Secure coding training
Coding and deployment guidelines
Our subscription can easily be adjusted to include GDPR compliance or to conform to an ISO 27001 certification program.
Secure Development Lifecycle – assessment and roadmap
Toreon’s efforts are always geared towards improving the security quality of the software products that you develop in-house or for your clients. We like to take a holistic view and look at the whole Secure Development Lifecycle (SDL).
Our assessment uses the internationally recognized OWASP OpenSAMMframework to find out where exactly you stand with regards to generally accepted norms of maturity in development. Our investigation leads to a clear report of the areas where you do well and points out where improvements are needed.
We can then put together a roadmap, based on our assessment findings, your security needs, ambitions and budget.
This will put you on the road to a higher security maturity level in software development and of course a better quality product in the end.
White Board Hacking (a.k.a. Threat Modeling)
The earlier you think about security, the better. It is much easier and cheaper to avoid security flawsthan to fix them once the application is up-and-running.
Our White Board Hacking workshops put together everyone involved, such as product owners, architects and developers, to systematically analyze the applicationbeing designed and come up with the security measures needed to make it run securely. All of this happens before a single line of code is written !
We can run the workshops for you or take a look at our training option !
To make sure everyone in your development teams produces the same quality in security, you must make sure good guidelines for secure development are enforced.
Our guidelines are comprehensive and clear. We cover multiple programming languages and frameworks and customize our guidelinesto every client’s particular needs.
Our guidelines are updatedwhenever developments in the security sphere (new threats and vulnerabilities) or changes in programming languages and frameworks demand it.
Application Security Coaching and Appsec Champion Support
To help improve the security maturity of a development team, it helps to focus our efforts and to have a local expert who is engaged with and feels responsible for security.
This is our security champion.
We take special care to educate and coach the internal security champions. When they grow in knowledge, the development team grows in maturity.
This allows us to continuously change our security support offering to the teams under our care, as they get better and better at producing secure software.
KMO Portefeuille Are you an SME in Flanders? Great news! Toreon is recognised as KMO-portefeuille service provider for trainings, analyses and advise. Which means your investment in security can be subsidised.
In order to inform you of our policies and activities with respect to the collection, use and transfer of Personal Data on our websites, you can find an electronic copy of our Privacy Notice here.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.