These hacks highlight the need for companies that take responsibility for customers’ data to identify and correct potential security vulnerabilities.
(PRWEB) February 11, 2014
McCabe Software announced that it has joined forces with Bishop Consulting to help address security risks as exemplified by the recent data breaches at Target and Starbucks. “These hacks highlight the need for companies that take responsibility for customers’ data to identify and correct potential security vulnerabilities and weaknesses in their applications,” said Mark Wireman, Chief Technology Officer at Bishop Consulting. “Bishop Consulting will help developers utilize McCabe IQ to decompose their application into detailed, color-coded flow maps that reduce the time required to identify potential vulnerabilities compared to working with raw code.”
Target recently stated that 40 million payment card numbers and 70 million customer records had been stolen, reportedly by malware that grabs sensitive data as it travels through the system where it appears in plain text. This resulted in the attackers being able to easily compromise the credit card information because the data was not protected. The investigation is also revealing that credential information was also stored within the application’s source code. Meanwhile security researcher Daniel Wood reported that Starbucks’ smartphone app saves customers’ usernames, passwords and other personal information in plain text which leaves it vulnerable to hackers. Many other retailers, banks and credit card companies have either been subject to similar hacks or had vulnerabilities in their software exposed.
McCabe IQ’s quality management suite produces flow maps that provide a fast picture of what’s going on in an architecture, greatly reducing the amount of time required to identify vulnerabilities. For example, flow maps can be used to identify the movement and storage of data throughout the applications, making it easy to spot situations where data is stored or transmitted in plain text. McCabe’s white paper “Security Risk Identification: 12 Application Architecture Categories to Review” explains how critical categories of risks can be analyzed with flow maps. Bishop Consulting provides consulting services and training seminars to help application teams apply these capabilities to address security risks. This approach can also be used to comply with security standards such as DIACAP, PCI-DSS and ISO 2700X.
About Bishop Consulting
Bishop Consulting provides Project Management, Software Engineering, Software Development, Mobile Application Development, SharePoint services, Information Technology Security Assessments, Secure Software Development Processes, and Software Architecture Design services. One of its founders is Kim Shilling, an eleven year Navy veteran who holds a B.S. in Aeronautical Engineering, certificate in project management and is a Six Sigma Green Belt. Mark Wireman, the other founder, is a twelve year Navy, Navy Reserve, and Army National Guard veteran who is recognized as an industry leader in Application Security, Secure Coding, and Risk Management. For more about Bishop Consulting please visit http://www.bishopitsecurity.com.
About McCabe Software, Inc.
McCabe Software provides Software Quality Management and Software Configuration Management solutions worldwide. "McCabe IQ" (Integrated Quality) is used to analyze and visualize the security, quality, and testing of mission, life, and business critical applications. McCabe Software has offices in the United States and distribution worldwide, and can be found on the web at http://www.mccabe.com.
For more information or to schedule an interview, contact: McCabe Software Marketing - 401-572-3100.