Secure Development Practices
Robust Security Practices
While you may see Intel primarily as a technology provider, we’re also a process leader that develops and role models leading practices. Security is no exception.
Our product and process breadth puts us at the forefront of secure development practices. This discipline guides how we design, develop, test, and support products customers can trust.
Requirement Definition
No single solution exists for component-level security. Each product requires security aligned to its features, uses, and risk. Security requirements are typically defined early in design, helping ensure they match a product’s features as well as functional, user, and legal requirements and standards, among other factors. Since these factors change, security requirements must also adapt over the entire lifecycle.
Threat Modeling
Evaluating our products to determine potential security threats based on adversary models. This helps create a plan to address threats. Intel products go through a rigorous threat modeling process, starting at the very beginning stages of product planning and all the way through deployment of a product.
Architecture Review
Experts across disciplines review each product’s architecture and carefully consider potential threats covering security aspects for microcode, hardware, firmware, software, and cryptography.
Development Tools
Intel develops proprietary tools based on our security development needs, covering both hardware and software. We use these tools to guide our own efforts and to help ensure that open source software meets the highest security standards. Many of our tools are state-of-the art, advancing software security; Intel not only uses them internally, but also offers them to the security community for use.
Validation
Security verification efforts aim to ensure our products adhere to the security requirements defined at the beginning of development. Validation teams first focus on confirming the design they’re validating is functionally correct. They then strive to confirm that the systems shield sensitive information.
Hackathons
One aspect of Intel’s security first mindset is thinking like a hacker by breaking what we build. Hackathons are a critical part of this effort. These events bring together product and security experts with the purpose of finding security vulnerabilities within the product to complement a structured security evaluation.
Access Intel Development Insight
Intel contributes our security learnings and expertise to benefit the global community in a number of ways, including publication of guidance and best practices for developing with security in mind.