Security & Robustness - Enterprise-class Systems

Quoin has the breadth of experience to improve software security and robustness. Our staff understand the hardware, network, operating systems, development tools, and production software that drive these qualities, and can help your organization achieve secure and highly available systems.

Methodology: Security Audit, Development Audit
Function: Testing, Deployment, Security, High Availability, Monitoring
Clients & Projects: Comporium, IAC, Lowe's Company, UNICEF

Quoin delivers pragmatic guidance and hands-on assistance for organizations that must ensure secure and robust systems. Our work encompasses enterprise software, mobile apps, IoT appliances, and web applications, and uses a disciplined approach for identifying and fixing operational vulnerabilities. We use a 'white box' model where the audit team has full access to hardware, network, applications, databases, and services. White box audits reveal more detail about potential vulnerabilities and exposure than 'black box' or penetration audits, where the audit team only has access to the normal publicly accessible interfaces. We offer consulting services including a Security Audit, Quality Audit, Software Verification, and Quality Improvement.

  • Security Audit – Conduct a hands-on review of implementation practices, deployment, production servers, monitoring, security policies, and other aspects of an operational environment to identify potential vulnerabilities
  • Quality Audit – Evaluate the source code, production infrastructure, testing, issue tracking, deployment, remediation, and other practices that determine software quality
  • Software Verification – Implement a regression system testing suite for an application to verify conformance to specifications, performance, security, robustness, and other qualities
  • Quality Improvement – Provide an independent team to test and fix software using a sophisticated set of code quality and analysis tools to yield 

The figure below shows output from the analysis of a Java program using the JProfiler tool. Quoin focuses on the use of tools to support our development, testing, and quality assurance practices. Although we work in a range of languages and tool stacks – JS, Django, Ruby on Rails, C/C++, and others – all Quoin teams leverage this type of tool to improve system robustness.

Example Code Analysis

Security Principles

Security and robustness require a comprehensive understanding of a system, from how the system was implemented through to its introduction into use. A Quoin project team uses a methodology based on the following principles.

  • Use best practices – Securing systems is involved work in which a single design, deployment, or configuration error can compromise a system. Basing security on well designed and generally accepted guidelines will reduce the risk and cost of securing a system.
  • Minimize exposure – This guideline is sometimes referred to as “minimizing attack surface”. It involves reducing the number of interfaces that a system exposes to reduce the risk of compromise. An example is removing an installation of Apache from a host if it is not required.
  • Defense in depth – Defense in depth provides a layered set of security mechanisms to increase overall system security. If an attack causes one security mechanism to fail, other mechanisms continue to protect the system. An example is configuring UNIX system accounts to both disable login and set the login shell to /usr/bin/nologin. If an attacker manages to defeat the login disablement, the nologin shell will still prevent access to the system. Defense in depth must be balanced with the simplicity principle.
  • Least privilege – Least privilege restricts the user and group accounts that a service runs as to the minimum needed to perform its required functionality. This includes both restricting user/group rights and restricting access to resources such as the file system, network, memory, and CPU.
  • Fail securely – Fail securely mandates that on a configuration error or security failure, the default setting or action maintains security. An example is setting the default policy on a firewall rule set to “deny”.
  • Simplicity – Security tools and processes that are difficult to understand, implement, or validate are susceptible to misapplication leading to vulnerabilities.
  • Active monitoring – Maintaining the security level of a system is not a one-time exercise. Active monitoring is required to verify the current configuration, scan for newly discovered vulnerabilities, and detect any intrusions.
  • Do not trust default configuration, third-party services or infrastructure – A common misconception is that the default configuration for a system as provided by a vendor will be inherently secure. This is rarely the case, since the vendor's incentive is to minimize support calls, which usually results in a permissive configuration.
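
As an added example (not from the original page and not Quoin's own tooling), a small POSIX shell audit check for the defense-in-depth and least-privilege items above: every system account should carry both layers, a locked password in the shadow file and a non-interactive login shell. The passwd and shadow contents are constructed samples, and the nologin path follows the one given on this page.

```shell
#!/bin/sh
# Added audit check, not Quoin's code: verifies the two-layer account
# hardening described above (password locked AND non-interactive shell)
# for every system account (0 < uid < 1000). Both files are constructed.

PASSWD_SAMPLE='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/bin/nologin
www-data:x:33:33:www-data:/var/www:/usr/bin/nologin
backup:x:34:34:backup:/var/backups:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash'

SHADOW_SAMPLE='root:$6$constructedhash$abc:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
www-data:$6$constructedhash$def:19000:0:99999:7:::
backup:!:19000:0:99999:7:::
alice:$6$constructedhash$ghi:19000:0:99999:7:::'

# audit_system_accounts PASSWD_FILE SHADOW_FILE
# Prints one "user:finding" line per missing layer; prints nothing when
# every system account has both layers in place.
audit_system_accounts() {
  awk -F: '
    # First file (shadow): a hash field starting with "!" or "*" is locked.
    NR == FNR { locked[$1] = ($2 ~ /^[!*]/); next }
    # Second file (passwd): system accounts only, root excluded.
    $3 > 0 && $3 < 1000 {
      shell = $7; sub(/.*\//, "", shell)
      # An empty shell field means the login default (/bin/sh), so it is
      # treated as interactive as well.
      harmless = (shell == "nologin" || shell == "false")
      if (!locked[$1]) print $1 ":password-not-locked"
      if (!harmless)   print $1 ":interactive-shell"
    }' "$2" "$1"
}

# Runs the check against the constructed samples and returns the findings.
audit_sample() {
  dir=$(mktemp -d)
  printf '%s\n' "$PASSWD_SAMPLE" > "$dir/passwd"
  printf '%s\n' "$SHADOW_SAMPLE" > "$dir/shadow"
  audit_system_accounts "$dir/passwd" "$dir/shadow"
  rm -rf "$dir"
}

audit_sample
```

On a real host the same function is run as `audit_system_accounts /etc/passwd /etc/shadow` with read access to the shadow file; an account that appears in passwd but not in shadow is reported as not locked.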

Quality Principles

Quality of a system similarly depends on a comprehensive approach including the development process and the resulting code. Our approach uses the following principles.

  • Build in quality – Quality should be intrinsic to the entire development process and starts with well-formed user stories that include acceptance criteria, and preferably executable tests.
  • Write tests first – Developers write unit and system tests before any code – this approach enables the team to identify requirements or design issues early in the development process.
  • Test components – Developers write unit tests as the code is developed. These tests immediately verify the correctness of newly-coded functionality.
  • Automate tests and builds – Implementing these complex processes allows developers to quickly verify new functionality and identify any adverse side-effects. Unit tests are incorporated into the application’s test harness to support regression testing for each build.
  • Practice continuous integration – Developers integrate their code with the project repository several times a day. This technique ensures that all components integrate seamlessly and that integration failures common to other projects are avoided.
  • End-to-end testing – At the completion of each iteration, the team will test end-to-end system functionality. Such testing covers system workflow from start to finish of key processes.
  • Release frequently – A team delivers new functionality as part of a stable, testable and visible release candidate every four to eight weeks, regardless of the size and length of a project. This discipline allows a team to quickly identify problems and react accordingly.