Software controls application security risk.
March 28, 2007 -
Assessment Management Platform® v3 offers web-based interface for multi-user lifecycle collaboration and control of application security risk throughout enterprise in consolidated global view. Powered by Phoenix product architecture, which can analyze Web 2.0 applications for vulnerabilities, solution provides distributed, scalable platform to assess and manage application security risk. Solution also incorporates application weighting risk management component.
(Archive News Story - Products mentioned in this Archive News Story may or may not be available from the manufacturer.)
|Original Press release |
115 Perimeter Center Place, N.E.
Atlanta, GA, 30346
SPI Dynamics Announces AMP 3 for Enterprise Risk Management, Visibility and Control of Application Security Across the SDLC
AMP 3 Leverages Web Interface for Enhanced SDLC Collaboration and Application Weighting Capability for Enterprise Risk Management
ATLANTA, March 13 -- S.P.I. Dynamics, Inc. (www.spidynamics.com), the leading provider of web application security software and services, announced today the company's latest version of the Assessment Management Platform(R) (AMP), version 3, that includes a web-based interface for multi-user lifecycle collaboration and control of application security risk throughout the enterprise in a consolidated global view. AMP delivers a distributed, scalable, platform used by information security professionals, CISOs, CIOs, line-of-business managers, compliance officers, developers, and QA professionals to assess and manage application security risk.
Today, security professionals in all industries are dealing with an ever- increasing and overwhelming number of applications, vulnerabilities and technical experts around the world. They must identify critical applications, maintain a holistic risk management view, and give numerous stakeholders visibility into the state of application security across the enterprise. While doing this, they must scale their assessment processes across the enterprise and throughout the lifecycle to developers, quality assurance teams, other security professionals, and even line of business managers who own the applications. Organizations are striving for proactive application security programs that find vulnerabilities early in the lifecycle, to avoid excessive costs associated with fixing defects in production applications. To do so, all of the stakeholders and participants require easy access to robust application security testing tools that do not require security expertise.
"AMP is the first and only assessment platform to fully address the emerging complexities of today's web application security programs. AMP sets the standard for advanced global security programs that enable a variety of stakeholders and participants from around the world to get the information they need about application security and participate in the assessment and remediation process, while enabling security professionals to maintain centralized control." said Caleb Sima, co-founder and CTO, SPI Dynamics. "Another factor driving the increased complexities in the security programs is that the web applications are built on new technologies. AMP 3 is powered by SPI Dynamics' new Phoenix product architecture, which is the first and only technology able to analyze complex Web 2.0 applications to reveal previously undetectable vulnerabilities."
This level of scalability and sophistication requires clear roles and responsibilities, well-defined processes and cutting-edge technology. The security professionals driving these programs need sophisticated software to help them coordinate a global team of people working to manage and mitigate application risk.
SPI Dynamics enhanced AMP to continue to support the sophisticated security and risk management programs of its 950 customers, the largest customer base in the application security market. AMP 3 fully integrates the entire SPI Dynamics' product suite including DevInspect(R), QAInspect(R), and WebInspect(TM) to find and fix application security defects across the enterprise and throughout the lifecycle, creating the industry's first comprehensive application security center of excellence.
Powerful Application Lifecycle Collaboration with Intuitive Web User Interface
AMP 3 includes a new web user interface to give security professionals, executives, line managers, developers and quality assurance teams anytime, anywhere access to AMP functionality. Now, the core application security experts can extend their team by giving developer and QA professionals the ability to quickly execute an application security test or access information about application security quickly and easily without all the work associated with software installation, configuration and maintenance. The web interface provides users the ability to configure their interface, data and dashboards exactly as they need them. Organizations are able to significantly reduce costs by using AMP throughout the application development lifecycle for collaboration on finding and fixing application-level security defects early prior to production.
Enterprise Risk Management Through Application Weighting
AMP 3 also includes a new risk management component, application weighting, which allows users to prioritize and sort all applications within their organization by a combined risk score which is based on vulnerabilities found and the importance of the application to the business. This enables organizations to identify and focus on the riskiest sites without having to manually score all of the sites. The score considers the number of vulnerabilities, the severity of those vulnerabilities and the importance of the web application being assessed. By combining the risk weighting with discovered vulnerabilities, AMP prioritizes all sites based on their risk score giving security professionals the information they need to plan and manage remediation programs.
Analysis of Complex Web 2.0 Applications with New Phoenix Architecture
AMP leverages the Phoenix architecture (announced earlier this year: http://www.spidynamics.com/news/pr/pr12907a.html) to deliver faster scanning capabilities, broader assessment coverage, and the most accurate results of any web application assessment product.
For more information on AMP 3, available March 15th, please visit www.spidynamics.com.
About S.P.I. Dynamics, Inc.
SPI Dynamics' comprehensive suite of products and services identify and remediate Web application and Web services security vulnerabilities at key stages throughout the application development lifecycle. In addition, SPI Dynamics' award-winning solutions enable security professionals, QA testers, and developers to work together to verify compliance with over 22 security policies like SOX, HIPAA and PCI. The Company's unique approach, utilizing patent-pending Intelligent Engines(TM) technology, combined with the industry's largest Web application security vulnerability knowledgebase, delivers unparalleled speed and test accuracy. SPI Dynamics has the most application security testing customers worldwide - over 950 clients among Global 2000 enterprises, including over 95 U.S. Federal accounts. The Company is one of the fastest growing in the security industry, ranked 83rd on Deloitte and Touche's "Fast 500" list of growing technology companies nationwide, 220th on the Inc. 500 and an Info Security Products Guide "Hot Company" in 2005 and 2006. SPI Dynamics has strategic partnerships with Microsoft, IBM, HP (formerly Mercury), and Visa. The Company's R&D team, SPI Labs, is widely recognized as a world leading authority on web application security and risk management. SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information, visit www.spidynamics.com or call (866) 774-2700.
Assessment Management Platform, DevInspect and QAInspect are registered trademarks, and WebInspect and Intelligent Engines are trademarks of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.
CONTACT: Ashley Vandiver of SPI Dynamics, +1-678-781-4841 (office), +1-404-432-8657 (mobile), email@example.com; or Michelle Schafer +of Merritt Group, +1-703-390-1525 (office), +1-703-403-6377 (mobile), firstname.lastname@example.org for SPI Dynamics