Lexzur adopts a secure development lifecycle approach throughout the different stages of the development.
Lexzur secure SDLC involves security testing into the existing development process. This includes writing security requirements alongside functional requirements and performing risk analysis during the design phase of the SDLC.
Coding Practices
Lexzur follows development best practices in order to cater to the highest security standards. The below standards and procedures are followed in Lexzur SDLC:
- OWASP Top 10 best practices for web applications
- Data & Input Validation
- Data & Input Sanitization
- Peer-To-Peer Code Review
Vulnerability Assessment
Lexzur undergoes an application vulnerability assessment test on an annual basis by an external cyber security firm.
Static Security Code Analysis
Lexzur utilizes static security code analysis to detect any potential threats in the code base. Moreover, the libraries being used are scanned for known vulnerabilities
Security Training and Awareness
Lexzur provides security training sessions for developers, architects, and QA. The focus is on secure design principles, security issues, web security, and encryption.
Maintenance & Vulnerability Patching
Please refer to Lexzur Security Bug Fix Policy