Software Security Assurance


 A Risk Managed Approach Improving The Security Of Software


There is no argument any more - Application attacks are here to stay, and on the rise. Even those companies that should be keeping us safe, and should be better prepared,  are becoming victims to cyber-criminals. Just ask Symantec who has just had it's dirty laundry exposed in the press on November 24th, 2009.


So even one of the leading security firms in the world has gaping security holes in its applications, that could cost exorbitant amounts of money to remediate, apart from the legal fees, regulatory implications and communications required to keep its customer base. Anyone who develops or uses applications to keep their business running is at risk.

Why Is This Happening So Much These Days?
Many IT decision-makers overlook the need to secure the business applications that run their day-to-day operations - especially partner portals, shopping baskets, or appointment scheduling, which let customers and vendors interact with internal systems. These applications are often packed with credit card numbers, addresses, personal health information, or other data ripe for exploitation.  But even focusing on security features at both the infrastructure and application level isn’t enough - Businesses must also consider flaws in their design and implementation. Hackers looking for security flaws within business applications often find them, thereby accessing the hardware, operating systems and data with which the applications interact - without security constraints. In fact, according to Gartner, 75 percent of security breaches are now facilitated by applications. The National Institute of Standards and Technology raises that estimate to 92 percent

What You Need To Do To Minimise Your Risk - SSA
Software Security Assurance (SSA) addresses the immediate risk posed by security vulnerabilities in deployed applications as well as the systemic risk in development processes that don’t take security into consideration. Because the threat extends to all sources of software, SSA addresses all sources of software: internal, outsourced, procured through vendors, or open source. With SSA, organisations can map their application security activities with the organisation's risk objectives and demonstrate clear value to stakeholders.
© 2009 Nobel Consulting Group Pty Ltd. Head Office at Level 8, 350 Collins Street, Melbourne, VIC, 3000
Legal NoticeIPrivacyISupport I About Nobel I Contact Nobel