Denim Group, the leading secure software development company, and NT OBJECTives (NTO), a leading provider of automated, comprehensive and accurate web application security software and services, today announced their alliance to provide enterprise customers with a comprehensive dynamic vulnerability management solution for web and mobile applications. Denim Group's ThreadFix application vulnerability management platform is now able to import the results from NTO's application scanner, enabling organizations to compare and analyze the results of other testing efforts and have a more complete picture of the results of their application security testing program.
"NTO is doing some very interesting things with their scanning technology, particularly related to testing for thick client applications and web services," said Denim Group CTO Dan Cornell. "By building the connector with ThreadFix, NTOSpider users can now import the results of their scanning efforts and manage them alongside static analysis or manual testing results to get a deeper understanding of where their application vulnerabilities lie."
NTOSpider's dynamic application security testing (DAST) engine allows companies to test mobile and web applications built with the newest programming technologies like REST, AJAX, JSON and GWT. Prior to NTOSpider, this testing had to be done manually. NTOSpider offers a repeatable, rapid, and comprehensive automated application security testing solution that now frees up security analysts to spend more time on other activities that must be done to properly secure software. NTOSpider offers more comprehensive application coverage combined with sophisticated attack methodologies as well as high rates for eliminating false positive and false negative findings. This makes the scanner an important weapon in the security team's arsenal for speeding up time to market.
"Application security teams can now use the efficiency of both ThreadFix and NTO Spider to analyze test results faster, creating a holistic view of the corporation's security posture that reduces the risk of damage to the company's intellectual property, data, and web applications," said Dan Kuykendall, NT OBJECTives co-CEO. "ThreadFix users benefit from this integration and can now consolidate the results of other testing activities to provide a full view of these efforts."
Typically, an organization's security team uses a combination of dynamic and static scanners as well as manual testing to identify potentially thousands of vulnerabilities in applications. In the past, these disparate results were typically haphazardly managed with inefficient Excel spreadsheets to track the status of each of these vulnerabilities. ThreadFix simplifies this process by importing dynamic, static and manual testing results into a centralized console that removes duplicate findings across testing platforms resulting in a prioritized security vulnerability list for each application. Unlike infrastructure security problems inside an organization, application vulnerabilities can only be fixed by software development teams. To enable this cooperation, ThreadFix exports its prioritized security vulnerability list into the defect trackers already used by development teams, translating vulnerabilities into software defects and essentially injecting these security tasks into the developer's regular work flow. By acting as a crucial link between the security and development teams, ThreadFix creates meaningful and productive two-way communications that dramatically streamline and accelerate the application vulnerability resolution process. The result is that with ThreadFix, applications vulnerabilities get fixed faster, reducing software risk and protecting corporate assets.
About NT OBJECTives
NT OBJECTives is an innovative provider of comprehensive application security solutions designed to help organizations discover threats, analyze risk and develop sound security strategies. Its unique technology provides automated and accurate application vulnerability assessment regardless of site complexity, while its world-renowned team of security professionals provides expert knowledge transfer and technical services to help businesses understand, build and achieve application security compliance. NTO is privately held with headquarters in Irvine, CA. For more information about NT OBJECTives, visit http://www.ntobjectives.com.
About Denim Group
Denim Group, the leading secure software development firm, builds custom large-scale software development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure application development, security assessments, application security trainingand consulting capabilities that protect a company's biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company's leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company's by Inc. Magazine several years in a row, and has won multiple other awards as well. For more information about Denim Group, visit http://www.denimgroup.com.