At Lycantec, in addition to common methods such as code reviews, unit tests, coding guidelines and QA procedures, we primarily use automated tests as the basis for enforcing our own quality standards.
This includes dependency checks, static and dynamic code analysis, vulnerability scans, penetration tests and fuzzing tests against our own applications.
We are guided by public standards such as the NIST Framework, BSI Grundschutz and OWASP (Open Web Application Security Project).