Application Security Solutions

Toreon is on a mission to improve the security of applications in order to create trust in our digital society.

We do this by helping our clients program better and more securely.

Our preferred way of working, is to have a long term commitment with our clients and to help them get better at security, to transfer knowledge and increase the security maturity level of their teams.
We do this through focused solution offerings, coaching and training.

Application Security Subscription

With an appsec subscription, you get access to all of the Toreon application security knowledge.

An appsec subscription is a long-term partnership. We commit to increasing the security maturity of your software development team by providing security services that improve the whole Software Development Lifecycle (SDLC).

We start by appointing security champions in your teams. They get coached and trained to be able to promote security on a day-to-day basis.
Furthermore, we provide all the additional expert knowledge as needed, to make sure your development efforts are secure.
This may include:

  • Threat modeling
  • Secure coding training
  • Application pentesting
  • Coding and deployment guidelines
  • Code analysis

Our subscription can easily be adjusted to include GDPR compliance or to conform to an ISO 27001 certification program.

Secure Development Lifecycle – assessment and roadmap

Toreon’s efforts are always geared towards improving the security quality of the software products that you develop in-house or for your clients. We like to take a holistic view and look at the whole Secure Development Lifecycle (SDL).

Our assessment uses the internationally recognized OWASP OpenSAMM framework to find out where exactly you stand with regards to generally accepted norms of maturity in development. Our investigation leads to a clear report of the areas where you do well and points out where improvements are needed.

We can then put together a roadmap, based on our assessment findings, your security needs, ambitions and budget.

This will put you on the road to a higher security maturity level in software development and of course a better quality product in the end.