Application Architecture Review

SecureState leverages proposed data flow and controls to perform attack modeling.

SecureState's experts review an application's proposed data flow and controls to identify potential security flaws. We leverage this information to perform attack modeling off of the application architecture.


Application Architecture Reviews are an important part of a Secure Software Development Lifecycle since they provide an excellent way to identify potential security flaws within the application architecture and data flow.


SecureState has experienced professionals who can review and understand the complexities involved with supporting an application infrastructure and the many security concerns that are inherent to any business critical application.

Approach and Methodology

SecureState assesses application architecture from multiple security perspectives. These include adherence to corporate security policies, authentication and authorization mechanisms, access controls, data flow and data integrity checking, encryption and key management, logging and monitoring. Communication between application tiers is reviewed as well as security dependencies introduced by support services and operating systems. The intent is to identify attack vectors that could be exploited.

SecureState uses key personnel interviews, review of architecture design documents, review of infrastructure configurations and whiteboard sessions to identify application exposures. These are documented along with tactical and strategic recommendations to support remediation efforts. This process can cover internally developed, commercial, open source and outsourced applications.


Get Started!