Toronto, ON (PRWEB) February 05, 2014
Security Compass, a leading web and mobile application security firm, is pleased to announce it has been recognized by the prestigious global analyst firm, Ovum, for its first-to-market software security requirements management solution, known as SD Elements. Security Compass was selected for Ovum’s ‘On the Radar’ series which “highlights up-and-coming vendors that bring innovative ideas, products, or business models to their markets.”
According to Ovum’s report*, Security Compass’ SD Elements tool should be on the watch list of enterprise users and can “raise the level of security maturity within a development team and can have significant benefits in increasing the robustness of applications being developed.”
“We’re proud to have been recognized by Ovum for our efforts to make proactive software security easy to achieve for today’s overworked development teams,” said Rohit Sethi, VP of Security Compass and head of the SD Elements project. “Building in security from the start is critical for protecting the integrity of web and mobile applications against a wide range of information security threats - but for the majority of developer teams, this is easier said than done. With SD Elements, we’ve tried to create a seamless, automated process that guides the developer through the design process, implementing robust security controls each step of the way, so that once an app is finished, it is immune to up to 97 percent of high-risk vulnerabilities. As Ovum correctly noted in its analysis, the security industry has been largely focused on detecting vulnerabilities, but not on preventing them in the first place. Our goal with SD Elements is to change this dynamic for the betterment of both private and public organizations.”
SD Elements is the world’s first secure application lifecycle management (SALM) tool that helps developers build-in security from the start. It effectively eliminates high-risk vulnerabilities from web and mobile applications before completing the development cycle, thereby allowing development teams to produce highly secure apps before going live. The tool provides tailored security requirements, links them to test cases and delivers them into development tools. It also provides coding advice, vulnerability scanners and source code reviews.
“Security Compass has strong potential to grow the level of knowledge in preventive security within the developer community,” wrote Michael Azoff, principal analyst and Chandranshu Singh, senior analyst of Ovum in the ‘On the Radar’ report. “The company is addressing a gap in the market in terms of knowledge of secure development practices for which there is an urgent need for reducing common and advanced security weaknesses.”
Overview of the Ovum Report:
Here are a few highlights from Ovum’s ‘On the Radar’ report about Security Compass:
- Ovum believes that Security Compass's SD Elements offering brings value to the development team by providing a context-aware list of security requirements that an application must meet and can be tested against. The product also facilitates in context delivery of security-related guidance to developers at the point they need it in the development cycle.
- In Ovum's view, reactive measures to application security are not able to combat the issue adequately. Organizations need a mix of tools, developer skills, and process maturity to effectively address this challenge. So far, the market has seen tools attacking the problem in a reactive sense, and organizations have had little success with secure development training, and sensitization of the development team toward security concerns. Security Compass's offering addresses these concerns by combining a proactive approach to application security and secure development training guides in one tool that has many touch points with the development lifecycle.
- Security Compass has addressed preventive security by building in security from the ground up.
- The SD Elements guidance system database is continually updated by Security Compass with the latest security threat discoveries.
- It provides development-language-specific guidance to programmers.
- Application-context-aware security requirements provide organizations with a measurable goal to work and measure progress against.
- It imports results from popular security scanners.
*To read the full report, visit http://www.securitycompass.com/feature/ovum-on-the-radar.html.
What is SD Elements?
Instead of fixing application flaws after the fact, SD Elements enables developers to create secure code from the start, and prevent vulnerabilities from ever existing. Developers who use SD Elements can reduce high-risk vulnerabilities in their applications by as much as 97 percent. The platform offers a number of important features, including the industry’s largest database of software security requirements and test cases, detailed reporting, customizable content, task prioritization, code samples, embedded training and constant security updates.
The secure application lifecycle management needs of organizations are increasingly inherent in their everyday life. Compliance (PCI, HIPAA), secure coding, best practices in the software development lifecycle are continually at the forefront of companies’ minds. Working with leading Application Lifecycle Management (ALM) solutions like JIRA, Rally and Team Foundation Server we can help our clients create and validate a method of deploying secure software while building security in.
About Security Compass
Headquartered in Toronto, Security Compass is a leading information security firm specializing in web and mobile application security for Fortune 500s, large financial institutions, energy firms, technology/software providers, media companies, retailers and other businesses. Security Compass was a key contributor on mobile application security to the HP 2012 Cyber Risk Report. Website: http://www.securitycompass.com.
About SD Elements
SD Elements is a software security requirements management solution. Using a short questionnaire, SD Elements automatically generates relevant security requirements for an application, links them to test cases and delivers them into development tools. When building or maintaining a mature application, SD Elements effortlessly integrates with your development tools and processes to ensure your software is secure. It provides prescriptive, secure coding advice based on your project’s application technology, business and compliance drivers. With SD Elements, vulnerability scanners and source code reviews validate that you have followed requirements eliminating costly vulnerability remediation. SD Elements scales easily to thousands of applications allowing centralized information security teams to positively influence software development across the organization with minimal process change. Website: http://www.sdelements.com.