SPI Dynamics Contributes to the Development of the SANS Institute's First Secure Coding Certification Examination for Developers
Share:
SANS has Strategically Teamed with SPI Dynamics to Deliver a 40-City Educational Workshop Series to Address Secure Software Development
ATLANTA, March 26 -- S.P.I. Dynamics, Inc., the leading provider of web application security testing software, announced today that the company has partnered with renowned educational organization, the SANS Institute, to help develop and provide significant content to the GIAC (Global Information Assurance Certification) Secure Software Professional (GSSP) exam, the industry's first certification examinations for development professionals. Additionally, SPI Dynamics and SANS have teamed to deliver the Software Security Series, a 40-city educational workshop series focused on secure coding techniques and best practices for the developer community. These initiatives will help establish a needed baseline for the developer community.
"In this age of Web 2.0, secure software development is critical. SPI Dynamics has been proactively educating those involved in the development lifecycle for over five years. In addition, three years ago SPI Dynamics founded the Secure Software Forum which includes free workshops, executive dinners, customer and key partner webcasts and expert articles to bring attention to the need for secure development practices," said Michael Sutton, Security Evangelist for SPI Dynamics. "We are delighted to team with the SANS Institute, who is recognized as a leading educational authority on security, to continue our efforts of evangelizing the need for security as a non- disruptive component of development to our over 950 customers and the broader software industry."
Educating developers on building secure code is key to solving the intricate security implications of the evolving web with increasingly dynamic and rich applications that take advantage of the latest development technologies such as AJAX. In addition to ongoing educational events, informational webcasts and expert articles, SPI Dynamics has introduced products throughout the development lifecycle that natively integrate with development platforms to conduct application security testing as an integrated and non-disruptive part of existing software development processes.
"SANS is excited to work with industry leaders like SPI Dynamics who have specific expertise and longevity in the developer security market to expand our educational offerings. We strongly believe there is a dramatic need for vendor neutral focused programs and resources for the developer community to facilitate the learning of secure coding best practices and to fundamentally change the way software is developed," said Alan Paller, SANS Institute. "We look forward to an ongoing relationship between SANS and SPI Dynamics and jointly offering educational initiatives that further this important cause."
According to Gartner, "Way too often, application developers mistakenly believe that application security is a responsibility of security professionals. They assume that their only responsibility is to deliver functionality requested by their business clients. They analyze, design, program and test applications to ensure that applications are compliant with clients' functional requirements. They are not testing applications for conditions that could break or abuse applications. The application security discipline should be a set of technologies and methodologies enabling a construction of applications that could withstand attacks against application quality. Application security measures should be applied along all software development life cycle phases - from analysis, through design, programming, testing, deployment and operations."(1)
GIAC Secure Software Professional (GSSP) Exam
SPI Dynamics has been an early participant in discussions with SANS on best practices and standards for the development community, and has contributed significant resources towards the overall program initiatives, including a majority of the content to the first GSSP certification examinations for programming professionals that SANS has in development. The examinations cover four specific programming language suites: C/C++, Java/JSP, Perl/PHP, and .NET/ASP, and are designed to enable reliable measurements of technical proficiency and expertise in identifying and correcting the common programming errors that lead to security vulnerabilities. SPI Dynamics will be participating in the SANS launch event on March 26th in Washington, D.C. to announce the certification examinations for programming professionals and their overall developer security program. Several SPI Dynamics' customers will also be participating in a panel discussion at the event.
Software Security Series
Security issues in application software are nothing new and have been prevalent since software was introduced. However, the new technologies of today can amplify the common insecurities found in applications not built with security in mind. The 40-city joint workshop series hosted by the SANS Institute and SPI Dynamics (http://sans.org/softwaresecurity07/index.php) is dedicated to educating developers on how to develop secure software, and also provides a hacker's perspective while covering the widespread attack techniques used today to maliciously compromise critical applications.
Working with more than 950 customers, the largest customer base in the application security market, SPI Dynamics has developed the most innovative solutions that address the growing need to simplify security testing and incorporate it as an integrated function of the overall software development lifecycle. For more information on SDLC security testing solutions from SPI Dynamics, please visit www.spidynamics.com/
About S.P.I. Dynamics, Inc.
SPI Dynamics' comprehensive suite of products and services identify and remediate web application and web services security vulnerabilities throughout the application development lifecycle. These award-winning solutions also enable security professionals, QA testers, and developers to work together to verify compliance with over 22 security policies like SOX, HIPAA and PCI. SPI Dynamics has the most application security testing customers worldwide - over 950 clients among Global 2000 enterprises, including four out of five of the world's largest banks and nine out of ten of the largest banks in the U.S., four out of five of the largest software companies, three out of four of the largest aerospace and defense companies, the four largest accounting firms, the five largest telecommunications companies in the U.S., six out of eight of the largest technology hardware and equipment companies, two out of three of the largest healthcare companies, and over ninety U.S. Federal agencies. The Company is one of the fastest growing in the security industry, ranked 83rd on Deloitte and Touche's "Fast 500" list of growing technology companies nationwide and 220th on the Inc. 500. SPI Dynamics has strategic partnerships with Microsoft, IBM, HP, and Visa. The Company's R&D team, SPI Labs, is widely recognized as a world leading authority on web application security and risk management. For more information, visit www.spidynamics.com/ or call (866) 774-2700.
(1) Gartner, Inc., "Application Developers Should Assume Responsibility for Application Security," by Joseph Feiman, November 16, 2006.
Source: S.P.I. Dynamics Inc.
CONTACT:
Michelle Schafer,
Merritt Group,
+1-703-390-1525,
Mobile +1-703-403-6377,
schafer@merrittgrp.com, for SPI Dynamics
Ashley Vandiver,
SPI Dynamics,
+1-678-781-4841,
Mobile +1-404-432-8657,
avandiver@spidynamics.com
Web site:
http://www.spidynamics.com/
http://sans.org/softwaresecurity07/index.php
