Foundstone Launches S3i Service Line to Aid in Secure Software Development; Initiative Addresses Increasing Demand for Building Security into Software.Business Editors/High-Tech Writers MISSION VIEJO Mission Vi·e·jo A community of southern California southeast of Irvine. It is mainly residential. Population: 96,300. , Calif.--(BUSINESS WIRE)--May 14, 2004 Foundstone Inc., experts in strategic security, today announced the introduction of its Strategic Secure Software Initiative (S3i(TM)). The offering includes turn-key enterprise programs and testing services including: requirements analysis (project) requirements analysis - The process of reviewing a business's processes to determine the business needs and functional requirements that a system must meet. , threat modeling, policy development and source code reviews by Foundstone software security experts. Application security has become one of the highest priorities for organizations worldwide due to the escalating exploitation of software flaws. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ), software flaws cost over $59.9 billion per year(a). While preventive technologies like firewalls and vulnerability management are important in securing networks, security practitioners recognize it's equally important to address the costly remediation efforts by minimizing vulnerabilities early during the software development cycle. "Most forms of deterrence are better than no deterrence at all, but it is important not to let the focus shift away from the vulnerabilities that enable the worms to damage businesses," said John Pescatore, vice president/research fellow covering security at Gartner. "As long as software has glaring holes, someone will exploit them, much the way car thieves continue to steal cars where the key is left in the ignition." "Application security, especially in the field of Web Services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. , is the newest and most challenging frontier in information security today," said Denis Denis, king of Portugal: see Diniz. Verdon, senior vice president and head of corporate information security for Fidelity National Financial. "Foundstone has helped with assessing the security of some of our own Web Services initiatives in the past and we continue to tap their expertise as part of our secure application development program." Foundstone has a broad range of experience providing Web application assessments and penetration testing since its inception in 1999. S3i is an expansion of those services, and helps clients define, design, develop, deploy and maintain reliable and secure software. By understanding and managing inherent risk and measurably improving the software development life cycle, Foundstone helps its clients reduce development costs and improve performance. "Engineering security into the software development lifecycle doesn't have to be disruptive to your business," said Mark Curphey, founder of OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and and director of consulting for Foundstone. "Foundstone has worked with many of the world's leading companies to achieve this goal, and we've based our new S3i offering on real world best practices." In addition to expert consulting services, Foundstone offers Enterprise Risk Solutions(TM) software to help organizations comprehensively discover, inventory, prioritize, and remediate all assets on a global network. The suite provides exceptionally accurate, high-speed vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. of all network assets, intuitive reports and metrics, and a tightly integrated threat correlation module which correlates critical threats with prioritized assets so security and network operations can focus on the assets that matter the most. About Foundstone Foundstone(R) Inc., experts in strategic security, offers a unique combination of software, services, and education to help organizations continuously and measurably protect the most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company has one of the most dominant security talent pools ever assembled, and has authored twenty books, including the best-seller Hacking Exposed. Foundstone customers include six of the top 11 Fortune companies and many U.S. government agencies. The company has headquarters in Orange County, Calif., and has offices in San Antonio, New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of , Washington, and Singapore. For more information about Foundstone, visit www.foundstone.com, or call 877-91-FOUND within the United States, and 949-297-5600 outside the United States. About Fidelity National Financial Fidelity National Financial Inc., number 262 on the Fortune 500, is a provider of products and outsourced services and solutions to financial institutions and the real estate industry. The company had total revenue of more than $7.7 billion and earned more than $860 million in 2003, with cash flow from operations Cash flow from operations A firm's net cash inflow resulting directly from its regular operations (disregarding extraordinary items such as the sale of fixed assets or transaction costs associated with issuing securities), calculated as the sum of net income plus noncash expenses of nearly $1.3 billion for that same period. FNF FNF Fidelity National Financial FNF File Not Found FNF Friedrich Naumann Foundation FNF Forgiven, Not Forgotten FnF Frags'n'fries (Battlefield gaming clan) FNF Fastest Node First (algorithm) is one of the world's largest providers of information-based technology solutions and processing services to financial institutions and the mortgage and financial services industries through its subsidiary Fidelity Information Services See Information Systems. Inc. More information about the FNF family of companies can be found at www.fnf.com and www.fidelityinfoservices.com. Note to Editors: Foundstone is a trademark of Foundstone Inc. All other companies, brand names or products are trademarks or registered trademarks of their respective companies. (a) Study by Department of Commerce's National Institute of Standards and Technology (NIST), June 28, 2002. http://www.nist.gov/public_affairs/releases/n02-10.htm |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion