At Italtel, for our most recent products, we have adopted a methodology that allows us to produce software characterized by the “security by design” paradigm. It is an approach to software development that seeks to make systems as free of vulnerabilities and impervious to attack as possible through such measures as continuous testing, authentication safeguards and adherence to best programming practices.
Our colleagues who design and develop the code are therefore also required to consider security from the early stages of the project.
The goal is to meet market demands for security in accordance with the ISO 27001 standard for information security.
In practice, this translates into the following types of activities that we carry out on our products:
- Scanning and vulnerability assessment:
  - Dynamic scanning of source code and web applications (according to the “OWASP Top 10” and “SANS Top 25” methodologies)
  - Vulnerability assessment of the operating system and associated frameworks
- Systematic resolution of security bugs highlighted by scanning
- Addressing vulnerabilities reported by specific bulletins related to third-party software embedded in the products
- Dissemination of security vulnerability resolutions in the field by uploading updated releases
The set of activities described above helps to build a safer scenario: the software development tools exist and work, but the systems need constant updates to deal with possible violations and attacks by increasingly aggressive hackers.
For this reason, we strongly encourage all our customers to stay updated on the latest releases, which are aligned with the “Security by Design” strategy.