The pandemic and its comprehensive countermeasures to isolate people have in a very short period of time triggered a complex set of technological demands for society. As a result, new classes of tools are being developed. Part of the work performed by is a series of quick scans and security reviews.

Security Quickscans

The focus of a quick scan is on high-level assessment, to harvest the most interesting and innovative solutions so these can be tested in more depth. The analysis is significantly restricted in effort; by applying a ‘hardest problems first’ approach, we aim to efficiently reduce the set of candidates for decision makers.

All reviews should start with a clearly stated purpose for the technology and the desired outcome for the deployment of the technology, or a description of where the technology fits in a wider scheme of action. This is necessary to determine if the technology is fit for the stated purpose, and will allow the evaluation and discussion to be focussed on the intended use and outcome.

In-depth assessments

In-depth assessments are a significantly more elaborate version of a quick scan. While still far from a complete analysis, we spend dedicated time to take a deep dive into the guts of the application, to verify the quality of software engineering, cryptography, use of security anti-patterns and presence of OWASP Top Ten vulnerabilities. With the help of many experts (and you!) we also take a dig at the legal aspects and cross-border characteristics and the privacy implications, advise on accessibility/inclusive design and perform an official WCAG certification of the application.

  • No security reviews have been completed yet...
  • ... but there is an ongoing effort you can join!
    (you need to register separately for this, unfortunately)
Created by Michiel Leenaars on 2020/05/29 17:42