San Antonio, Texas (PRWEB) May 13, 2013
Denim Group, the leading secure software development company, today announced that ThreadFix, its open source vulnerability management platform, was chosen by CSO Magazine’s Bill Brenner as one of the top 20 free tools to help organizations increase the security of their IT infrastructure by information and network security professionals in today’s industry.
ThreadFix presents a significant breakthrough for industry professionals as it is one of the first software vulnerability aggregation and vulnerability management systems to collect, normalize and centralize application vulnerability data in a single location, making it dramatically easier to manage software security programs within organizations while easing communications with the software development team.
ThreadFix aggregates vulnerability test results from disparate static and dynamic scanning tools as well as the results of manual penetration testing, code review and threat modeling to create a single comprehensive view of the security status of all applications within an organization. ThreadFix removes duplicate findings to provide a prioritized list of vulnerabilities. The results are exported into defect trackers used by the company’s software developers, injecting resolution of these security tasks into their regular work flow.
“This solves a significant industry issue because building security into applications is typically an afterthought in a world that is focused on getting product out the door as quickly as possible,” said Dan Cornell, Denim Group CTO. “ThreadFix translates the software vulnerabilities identified by security professionals into application defects being tracked by software developers while prioritizing the most important problems that need to be fixed. This dramatically streamlines the application vulnerability management process.”
“We’re thrilled to be recognized by CSO Magazine, a premier security media brand known for providing industry leaders with the information they need regarding security best practices and strategic management issues,” Cornell added. “We released ThreadFix under an open source
license because we wanted it to be available to the widest audience possible and recognition such as this further advances that goal.”
Denim Group recently released an updated version of ThreadFix, which included a variety of enterprise-class capabilities requested by large organizations eager to adopt this innovative platform into their organization to speed up the securing of their customer-facing and internal applications. In addition to ThreadFix now working with additional sophisticated assessment tools to better fulfill the needs of enterprise-wide application security teams, ThreadFix 1.1 also offers a tighter integration with Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory (AD), enabling ThreadFix to be better integrated inside of enterprise workflows. In addition, ThreadFix also now allows security and development teams to discuss and add context to identified vulnerabilities, enabling meaningful two-way communications that enhance the quality of remediation efforts.
“The response we’ve received from the security and development communities since releasing ThreadFix last fall has been impressive,” said Denim Group Principal John Dickson. “The enhanced features and functionality we’ve made to the ThreadFix platform make the job of application vulnerability resolution even more straightforward than before and we are seeing even stronger enterprise demand for ThreadFix services and support. The commercial ecosystem this creates supports further advancement of the technology to more easily protect sensitive data and corporate assets with secure applications.”
About CSO Magazine:
CSO provides news, analysis and research on a broad range of security and risk management topics. Areas of focus include information security, physical security, business continuity, identity and access management, loss prevention and more. CSO magazine and CSOonline.com are published by CXO Media Inc., which is an IDG (International Data Group) company.
About Denim Group
Denim Group, the leading secure software development firm, builds custom large-scale software development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure software development, s security assessments, application security training and consulting capabilities that protect a company's biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company’s leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company’s by Inc. Magazine several years in a row, and has won multiple other awards as well. For more information about Denim Group visit http://www.denimgroup.com