Security and data protection are still regarded as unimportant factors in software development that can be implemented by simple, singular measures, even after release. Research and practice show a different situation. The list of software with known security vulnerabilities is almost endless. The current negative examples among the Corona apps show that security and data protection are still not a matter of course in software development in 2023.
Only if security and data protection are treated as elementary components in the design phase, the resulting software will have an appropriate level of security. Secure software development is a process consisting of many facets that cannot be reduced to or even replaced by tools.
With expertise from several decades of consulting in the area of secure development lifecycle, code auditing, reverse engineering and bughunting, coupled with an equally long experience in software architecture and development, modone has set itself the goal of implementing software on behalf of customers that meets all data protection and security requirements.
We plan and implement software on behalf of our customers. We do not impose any technological restrictions on ourselves, but choose our tools independently of the manufacturer according to the respective requirements in the project. We are just as familiar with embedded systems as we are with web applications, native software or mobile apps. Our expertise covers a wide range of platforms, technologies and languages:
- Linux, Windows, macOS, Android, iOS, embedded systems
- Web, native, mobile
- C, C++, Rust
- Swift, Kotlin, Dart, Java, Objective-C
- NodeJS, Express, Flutter
- GoogleTest, cpputest
- Voice- and data communication
- OpenSSL, mbedtls, CommonCrypto, CryptoKit, Android Keystore System
- PKI, Authentication, trust infrastructures
- UI and UX design and implementation
As a full-service provider, we not only take care of design and implementation, but also get your app into the app store and your software onto your systems, into the cloud, or onto a turnkey appliance.
The key to secure software is the Secure Development Lifecycle (SDL), i.e. the ISO 27034 standard. We use the relevant specifications for our project work - resulting from decades of consulting experience in this area, among others at some of the largest software manufacturers in the world.
Our projects always start with a threat model created at the design stage. Based on the threat model, we determine all threats and security-related measures for a project.
During the implementation itself, we strictly follow Test Driven Development (TDD) and always observe the relevant standards and best practices (e.g. MISRA-C/-C++, OWASP Coding Guidelines, etc.) depending on the respective platform and language.
After the implementation phase, we check the effectiveness of the implemented security measures along the threat model and thus ensure a complete screening of the security relevant functionalities.
- Marienstr. 12
- DE-10117 Berlin