Not all vulnerabilities can be efficiently detected through technical means alone. Conducting a Security Architecture Review (SAR) helps identify weaknesses and improvement opportunities within an IT architecture, ideally before significant efforts are made to implement it. However, performing a Security Architecture Review after the solution has been implemented is also valuable, as it can reveal weaknesses, particularly at the interfaces and in the interactions between individual components. Gain from a comprehensive security assessment and review that considers every aspect of your architecture.
A security architecture review is carried out in line with the respective development progress. The following elements are part of our review process and can be adapted to your technology stack:
We review the existing documentation as part of a document study. Depending on the technology stack of the architecture to be reviewed, we focus on design specifications, system design, operating documents, interface descriptions, network plans and diagrams.
As the existing documentation does not always reflect the most up-to-date status, we supplement the first step with interviews and workshops together with your specialists where appropriate and necessary, thus completing our understanding of the overall architecture.
The information collected is now compiled into an overall picture. This is compared with relevant best practices and reference architectures to identify possible improvements and weaknesses.