Ensuring security of IT infrastructures, systems and services is in many ways a challenge. Comlet addresses the challenge of securing distributed systems by a team of experienced developers and consultants, and provides best practices to avoid security vulnerabilities from the beginning. This includes compliance checks with existing standards and guidelines, e.g. BSI basic protection, Common Criteria or AUTOSAR and SAE J3061 in the automotive context, the elicitation and specification of security-related requirements and architectures together with our customers, as well as continuous quality assurance of individual components.
Standard Compliance & Data Privacy
In environments in which domain-specific security standards and regulations apply, it is not sufficient to provide a secure system: The challenge is also to fulfill specific normative requirements and to provide evidence that all rules and regulations have been correctly implemented in the respective software systems.
Comlet supports you in determining the requirements for your individual product that are demanded by security standards such as 21 CFR Part 11 or ISO/IEC15408. We will also check your products in order to assess their compliance with a particular security standard and to identify existing compliance issues, as well as providing improvement suggestions.
We will inspect your existing systems with regard to security vulnerabilities, which also includes checking the solidity of your security design and its implementation. We evaluate the adequacy and correctness of your security algorithms and test whether the protection of your user interfaces can be breached.
We also support you in analyzing your IT infrastructure with regard to fundamental security requirements and generally recognized best practices, for instance in accordance with the IT baseline protection catalogs. We help you to identify your greatest IT risk potentials and to secure your local IP networks.
Secure Software Development
Security is no isolated quality that can be integrated into a system retroactively. It requires careful consideration right at the start of the development and demands continuous attention and control throughout a system’s lifecycle. We will support you with best practices for secure software design and implementation that help you to avoid security vulnerabilities from the beginning, such as
- Security Requirements elicitation and specification,
- Attack surface analysis and risk assessment,
- Secure Architecture Design
- Oder Secure Coding
and to take appropriate technical and organizational security measures in all phases of development and operation.