Deloitte’s Application Security offering helps organizations with cyber capabilities and solutions focused on security and resilience of enterprise applications. This includes embedding security, controls and resilience as a part of the system development lifecycle from requirements to ongoing maintenance.
The scope of applications includes large enterprise software packages as well as customized enterprise applications and consumer-facing applications. We assist clients with governance, culture and skills to embed security into development processes, including agile or waterfall, provide methods and tools to build and test application security (threat modelling, design review, application controls, pen testing, SAST, DAST, etc.), and the integration of tool chains for software developers.