Strongback Consulting - Web Site Security and PCI Compliance

Today, many organizations depend on Web-based software and systems to run their business processes, conduct transactions with suppliers and deliver ever more sophisticated services to customers. Building security into every application destined for online deployment should be an integral part of the software and systems delivery process within a well-governed organization. Unfortunately, in the race to stay one step ahead of the competition, many companies give these concerns little attention as they hasten to speed new offerings to market. The resulting vulnerabilities give attackers ample opportunity to access or steal corporate or personal data, potentially placing the entire business at risk.

Web Applications - The "Weak Link"

Application security can no longer be an afterthought, nor can responsibility for it be relegated to network and firewall devices. Every network is "hackable", and once inside, an attacker has free rein unless the applications themselves prevent misuse and abuse. Making security a development requirement saves time and money and, most importantly, protects your critical data from exploitation.

Don’t wait until a security breach has you in trouble.

According to Gartner, 90 percent of externally accessible applications are Web-enabled, and two-thirds of them have exploitable vulnerabilities. Those are not good odds for companies that rely on Web-based applications to conduct business.

The Alarming Truth

"Approximately 100 million Americans have been informed that they have suffered a security breach, so this problem has reached epidemic proportions."
-- Jon Oltsik, Enterprise Strategy Group
"Personal information stolen from 2.2 million active-duty members of the military, the government said..."
-- New York Times
"Hacker may have stolen personal identifiable information for 26,000 employees"
-- ComputerWorld

Some Headlines You Don’t Want To Make – Are you Exposed?

Hackers steal 40 million credit cards from nine retailers
-- CNN
Cost of the data breach at TJX soars to $256M
-- Boston Globe, August 2007
Monster says data loss involved 1.3 million names
-- Reuters, August 2007
Credit card information stolen from State of Indiana's website
-- InfoWeek, January 2007

Are you confident this won’t happen to you?

A North American retailer claimed that over 45.6 million customer cards were compromised in an intrusion that went undetected for over 18 months; however, several banks suing the company claim the actual number is 94 million cards, the vast majority of them issued by Visa. The breach prompted numerous lawsuits and calls for stronger data protection laws. By the retailer's own estimates, the company has spent or set aside close to US$250 million for costs stemming from the incident.

What we offer

Security Testing Software - Black Box Testing
Rational AppScan Standard and Enterprise editions help customers ensure the security of their Web applications. This online risk management and Web application security testing software can help drive cost out of an online operation by automating manual processes and by identifying and prioritizing issues for immediate remediation. With this capability, organizations are better able to control costs and protect against the increasing number of threats targeted at the application level, including Web services. The solution also helps delivery and development organizations address potential security risks before applications are moved into production.
Security Testing for Build Automation - White Box Testing
The most efficient method for continuous security analysis of your IT applications is to incorporate security testing into your automated build environment. Rational AppScan Source Edition automates application vulnerability scanning, including automated JavaScript execution, automatic Flash parsing, and Web service testing. It also builds security testing into the development lifecycle so that vulnerabilities are found early in the process.
PCI Compliance Review and Remediation
The Payment Card Industry Data Security Standard (PCI DSS) is a requirement for online retailers. If your organization handles credit card data in any fashion, you are subject to this standard. Our consultants will review your web security and application development standards before your auditors do, create a gap analysis, and develop a remediation plan that addresses your current risks and builds into your procedures a plan for addressing future risks.

Contact our Sales group today to find out more.

The dirty dozen: preventing common application-level hack attacks.

Get started with web site security with this free white paper. It discusses the 12 most common hacks that can be prevented with proper testing and application development techniques. Sign up for this free white paper today.


Facts:

Web-based malware up 400%, 68% hosted on legitimate sites
-- ZDNet, June 2008
80% of development costs are spent identifying and fixing defects.
-- U.S. Commerce Department's National Institute of Standards and Technology (NIST)
In 1H09, 50.4% of all vulnerabilities were Web application vulnerabilities.
-- IBM Internet Security Systems X-Force® Mid-Year Trend & Risk Report, 2009
Breach notification costs in 2008 were on average $202 per record, and the total average cost per company was more than $6.6 million per breach.
-- The Ponemon Institute, Cost of a Data Breach, 2008