Security Compass Partners with SAFECode to Boost Web Application Security Practices

Share Article

SAFECode is a center of excellence for vendor software assurance practices that unites subject matter experts with unparalleled experience in managing complex global processes for software sourcing, development and delivery. Security Compass has partnered with SAFECode to contribute to this excellence and truly improve the state of software security.

“Web application vulnerabilities are a constant and persistent threat to businesses and consumers around the world, and are often at the root cause of many data breaches and identity theft cases we see today” - Nish Bhalla, Founder of Security Compass

Security Compass, a leading web and mobile application security firm, today announced a new partnership with the Software Assurance Forum for Excellence in Code (SAFECode). Through the partnership, Security Compass will assist the non-profit organization’s software assurance directive by contributing new research on web and mobile application security issues. Security Compass will also provide key guidance on special projects directed at the software vendor community.

“Web application vulnerabilities are a constant and persistent threat to businesses and consumers around the world, and are often at the root cause of many data breaches and identity theft cases we see today,” said Nish Bhalla, founder and CEO of Security Compass. “While the software industry has made great strides in reducing the instances of these vulnerabilities, serious flaws persist in many web and mobile apps on the market today. To solve this problem we need to refine both the development and security practices within the industry and place a higher level of priority on developing secure code from the start. For this reason we’re very proud to have this opportunity to work with SAFECode, one of the world’s leading software assurance training organizations, to assist its efforts at expanding the industry’s scope of knowledge when it comes to software security.”

SAFECode is a center of excellence for vendor software assurance practices that unites subject matter experts with unparalleled experience in managing complex global processes for software sourcing, development and delivery. Its mission is threefold: to encourage broad industry adoption of proven software security, integrity and authenticity practices; drive clarity into vendor software assurance practices to empower customers and other key stakeholders to better manage risk; and foster a trusted exchange of insights that advance software assurance practices. The non-profit organization is led by Executive Director Howard Schmidt, former Special Assistant to the President of the United States and Cybersecurity Coordinator for the US federal government, and Chairman Eric Baize, Senior Director of Product Security and Trusted Engineering at EMC Corporation.

As a security firm specializing in web and mobile application risks, Security Compass is uniquely positioned within the industry to provide the most holistic approach to “AppSec” for any type of company or organization. Security Compass is able to provide companies with a true end-to-end application security program that covers all of their organization’s needs, from education to real-world implementation. The company’s depth of experience and offerings include:

  •     Security Compass’s extensive field experience in application security in forms of training and guidance at a development and management level. The company continues to provide application security assessments, mitigations, secure development, to major corporations, and startups in key industries like banking, financial services, healthcare, insurance, technology, media, government and critical infrastructure.
  •     The company was also the first to offer a secure application lifecycle management platform, known as SD Elements. This enterprise secure development solution walks development teams through the process of how to build web or mobile apps that are secure from the very start. When using SD Elements, every significant software security requirement is coded into the app from the beginning, eliminating the creation of security flaws and vulnerabilities typically found just before release into production. With SD Elements, developers can eliminate 97% of high-risk vulnerabilities, many of which are not detected by standard vulnerability scans.
  •     State-of-the-art computer-based training (CBT) courses that address both high-level and highly specific web application security issues which can benefit anyone, from certification-track corporate IT teams and developers to non-technical management, employees and end-users. These online courses are advanced enough to allow students to achieve key industry certifications like CSSLP - Security Compass is the sole official partner with (ISC)2 - and compliance standards such as PCI DSS. For advanced students, the online training encompasses specific security issues like how to defend PHP, .NET, C++, HTML5, Java and iOS, as well as the OWASP Top 10. At the same time, it also covers more general concepts for the non-technical user, such as security awareness training and web security basics.

Over the years, Security Compass has partnered with a number of leading companies and organizations to further the goal of software immunity to attacks, flaws and other issues. Its effort to develop the industry’s first secure application lifecycle management platform, which makes it easy for development teams to build highly secure applications, has been recognized by Ovum, Gartner and Adobe.

###

About SAFECode

The Software Assurance Forum for Excellence in Code (SAFECode) is a non-profit organization exclusively dedicated to increasing trust in information and communications technology products and services through the advancement of effective software assurance methods. SAFECode is a global, industry-led effort to identify and promote best practices for developing and delivering more secure and reliable software, hardware and services. Its members include Adobe Systems Incorporated, CA Technologies, EMC Corporation, Intel Corporation, Microsoft Corp., SAP AG, Siemens AG and Symantec Corp.

For more information, please visit http://www.safecode.org

About Security Compass

Headquartered in Toronto, Security Compass is a leading information security firm specializing in web and mobile application security for Fortune 10s-500s, large financial institutions, energy firms, technology/software providers, media companies, retailers, and other businesses. Security Compass guides teams in building customized security blueprints based on industry standards, software development lifecycle, and business needs, to cost-effectively mitigate risks. Its secure application lifecycle management tool SD Elements, was selected for Ovum's 2014 On the Radar report and recognized by Gartners 2014 Cool Vendors in Application and Endpoint Security report.

Learn more and visit: http://www.securitycompass.com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Christine MacDonald
Visit website