T1 Secure Development Platform (T1 SDP)

Main article: SaaS - History. Philosophy. Development drivers

2022: Platform Launch

Cloudy provider T1 Cloud On July 8, 2022, he announced the launch T1 of SDP, a secure cloud development platform that significantly simplifies the process of building DevSecOps a conweier by offering pre-installed code analysis tools from the cloud.

T1 Cloud launched the T1 SDP service, which includes a suite of services for SAST/DAST/OST code analysis to help identify security flaws at all stages of product development: SAST SolarAppScreen, DAST SolidWall DAST, OST Dependency Track (Open Source) and SolidWall VS, Elastic (OpenWall), SolidSource App

T1 SDP is a fault-tolerant cloud platform that is resilient to current computing needs to help reduce risk and additional costs. Among its advantages are reliable protection against cyber threats and data leaks, reducing reputation risks and accelerating time-to-market, reducing information security costs, saving on licenses, detecting problems at all stages of development, improving code quality, as well as integrating security tasks immediately into software creation processes. The T1 SDP cloud platform also allows you to use additional security tools to prevent various types of fraud and attacks: targeted, massive application-level attacks and automation attacks.

T1 Cloud is actively developing the SSDLC direction - the process of secure software development. According to market analysts, the cost of fixing vulnerabilities at the design stage can be 30 times lower than the cost of fixing the same vulnerabilities after the release of the product. Our platform, together with the competencies and consulting of the technology partner of SolidLab, helps to identify code security flaws and get rid of them long before the release of the product. We have deployed Secure SDLC/DevSecOps tools in the T1 Cloud, which are used for comprehensive testing and maximum product readiness, "said Mikhail Avseenko, Head of Information Security Products at T1 Cloud.

2021: DevSecOps Tool Testing Lab Introduction

Cloudy provider T1 Cloud Together SolidLab with the recently launched T1 Secure Development Platform (SDP), on October 21, 2021, he presented a service - a laboratory for testing tools DevSecOps based on the virtual T1 Cloud environment. The service is designed to justify the selection and testing of solutions to ensure the security of applications during the life cycle of their development.

T1 SDP platform services include the DevSecOps toolkit, as well as services for supporting secure development processes. The platform is constantly developing and new services regularly appear in it. One of them is a laboratory for testing technical solutions.

The laboratory service is addressed to companies that carry out their own development of critical business applications or order it from external contractors. With it, you can quickly and efficiently assess the overall level of security of applications, as well as approaches and tools to reduce information security risks.

The laboratory is a cloud ecosystem in which the main classes of application security analysis tools in the development process (SAST, DAST, OST and others) are deployed, as well as management, analytics and integration components from domestic and foreign vendors. The laboratory also allows the customer to place their own tools for testing the possibility of embedding analysis tools in the automated CI/CD process.

{{quote 'The demonstration stand for the service presentation allows you to get acquainted with the capabilities of the "T1 SDP" in more detail. In addition, a period of pilot use of the service is provided: specialists will provide full consulting and technical support, help to determine the objects of testing and understand the results, as well as plan further steps to introduce secure development tools into the processes of the client company, - said Vyacheslav Zheleznyakov, Development Director of SolidLab. }}

The popularity of DevSecOps is facilitated by more frequent application updates compared to previous years. The methodology for quickly creating secure solutions has become in demand with the advent of Agile and DevOps approaches aimed at improving the quality and speed of software delivery, "said Mikhail Avseenko, product manager at T1 SDP of cloud provider T1 Cloud. - Integration of security tasks into software creation processes eliminates the need for repeated checks and assemblies, improves code quality and reduces company costs. Cyber ​ ​ threat protection is becoming one of the criteria for product quality,

DevSecOps (development, security, operations) takes into account information security requirements at all stages of the software development lifecycle: from design to integration, testing, deployment and delivery of the product. Solving security issues as they arise reduces the time and money spent by development companies because late-stage code fixes are resource-intensive. Thus, the introduction of DevSecOps reduces the total cost of software ownership and reduces the risks of transferring releases of new products due to vulnerabilities found during final testing. In addition, the methodology allows you to distinguish responsibility for application security between all participants in the stages of the release cycle without increasing the load on the information security department.