The new TeamMentor Enterprise Edition includes guidelines for developing applications in compliance with the latest version of PCI-DSS (2.0), the actionable framework for developing robust payment card data security processes. It also includes the most up-to-date OWASP Top 10 threats and mitigations, which have become a widely recognized informal standard for Web application security. The Top 10 list is referenced in standards such as the PCI-DSS and is used as a basis for many internal security policies.
“Organizations understand the requirements they need to adhere to, but translating that into specific development actions is challenging,” said Fred Pinkett, vice president of product management, Security Innovation. “TeamMentor provides an easy way to bridge the gap between requirements like PCI-DSS, internal practices and development implementation by guiding architects, developers, testers and managers with knowledge and standards so they can proactively build security into all phases of the software development and deployment lifecycle. The result is compliance that brings with it lower costs, lower risks and data protection.”
Insecure applications are the biggest threat to data. More than 90% of data breaches occur at the application layer. As a result, regulators and industry standards bodies have dutifully added explicit and implicit security requirements as they relate to application development practices. Security Innovation has linked its knowledge of secure application development with the latest industry standards, requirements and guidelines. The new best practices include guidelines for developing with:
OWASP Top 10 Application Security Risks
Common Weakness Enumeration Top 25 Most Dangerous Software Errors
Security Innovation has also continued with its commitment to bring deep technical content to TeamMentor Enterprise Edition by adding hundreds of assets, such as in depth labs on the most popular developer technologies.
New C++ library that includes guidance to avoid making commonly exploited mistakes, such as buffer overflows, integer overflows, format string vulnerabilities, insecure error handling, various memory allocation and pointer errors, etc.
New Security Engineering library that covers the main aspects of integrating security engineering activities into the software development life-cycle.
New ASP.Net library with support for ASP.NET 4.0, the latest version of this Microsoft framework
Updated Java content
Aligning with its strategy to be the authority on application security, Security Innovation also announced today the availability of 13 new courses to its TeamProfessor Web-based training library. See press release: “Security Innovation Brings Real-world Experience to Secure Application Development.”
About Security Innovation
Security Innovation is an established leader in the application security and cryptography space. For over a decade the company has provided products, training and consulting services to help organizations build and deploy more secure systems and improve the process by which their applications are built.
Security Innovation built upon its core competencies in application security with the acquisition of NTRU CryptoSystems in 2009, a company that developed proprietary, standardized algorithms. This resulted in the strongest and fastest public key cryptography available and the means to overcome historical performance barriers that have plagued the encryption industry. With these core strengths intact, Security Innovation is in a position to help organizations protect their data at two critical points: while applications are accessing it and during transmission. The company’s flagship products include TeamProfessor, the industry’s largest library of application eLearning courses, and TeamMentor, a web-based secure development methodologies product.
Security Innovation is privately held and is headquartered in Wilmington, MA USA.
Note to Editors: Security Innovation, TeamMentor, TeamProfessor and the Security Innovation logo are trademarks of Security Innovation. All other brand names may be trademarks of their respective owners.
(978) 694-1008 x121
Lois Paul & Partners