A resilient security architecture is the basis for a secure product

Not all weaknesses can be detected efficiently using technical means. A security architecture review (SAR) helps to identify weaknesses in a solution or product - ideally before any effort is made to implement it. However, a security architecture review can also make sense after the solution has been implemented in order to identify weaknesses, particularly at the interfaces and in the interaction of individual components. Benefit from a review that includes all parts of your architecture and corresponds to a holistic approach to security.

Selected references on the subject

Advantages of a security architecture review

  • A holistic view of all components involved
  • Uncovering weak points that cannot be detected by technical means
  • Identifying weaknesses, especially at the interfaces and in the interaction of several components
  • Suitable recommendations for a more secure overall architecture tailored to your technology stack


A security architecture review is carried out in line with the respective development progress. The following elements are part of our review process and can be adapted to your technology stack:

1 – Document study:

We review the existing documentation as part of a document study. Depending on the technology stack of the architecture to be reviewed, we focus on design specifications, system design, operating documents, interface descriptions, network plans and diagrams.

2 – Interviews and workshops:

As the existing documentation does not always reflect the most up-to-date status, we supplement the first step with interviews and workshops together with your specialists where appropriate and necessary, thus completing our understanding of the overall architecture.

3 – Overall picture and countermeasures:

The information collected is now compiled into an overall picture. This is compared with relevant best practices and reference architectures to identify possible improvements and weaknesses.