Hackers of India

Best practices to improve the security grading of your project

By  Hemant Khandelwal  on 15 Feb 2012 @ Nullcon

Abstract

In this paper you can learn the best practices to improve security grade of your product. The paper will share our experiences and evolution of best practices with increase security threats and attack vectors. I will discuss about three pronged strategy around making product changes, improving team processes & security certification and improving delivery, install and notification mechanism. This strategy allows addressing security from a multi-dimensional approach; short & long term as well as multiple areas around the product.VVhen we applied these processes, this not only resulted in security improvements for our product but also improved responsiveness from team on security issues. In this session, you can learn tips and processes that you can leverage around security for your products and projects including discussion on threat model preparation, security assessment, policies and guidelines to follow for team and communication with customers.