Application Security Management
Failing to protect web applications from malicious attacks can lead to financial loss, legal complications and damage to your organization's reputation. Softtek offers a mature and proven service which helps you align your data protection and application security efforts to your business's risk management strategies.
Softtek service value
Softtek’s Information Security managed services provide a cost-effective solution for risk remediation. The program protects your web applications by defining strategies aligned with your organization's information controllership. Supported by Softtek’s IT security professionals and security auditors, the program also includes information quality levels, vulnerability updates, research, consulting and security support.
Application Security Services
- Security Assessments
Softtek will identify security vulnerabilities in your application portfolio, and will provide recommendations to protect your company’s data and information assets.
Comprehensive analysis of source code and documentation (i.e. technical specs) to understand how program components interact and then identify and report vulnerabilities and provide specific remediation guidelines.
Also called application penetration testing or ethical hacking, the goal is to find security flaws by using the same techniques hackers use. Can be performed on any “live” environment.
The service includes performing real-time security tests on production web applications. Source code is provided to point out the portions of code that might cause a breach.
- Application Security Awareness Management
- Application Security Policy Definition
- Application Data Classification
- Application Security Training for Application Development Teams
- Business Application Security Program
- Application Architecture and Design
- SDLC Integration
| Experience | More than 12 years of experience delivering Information Security services. Expertise that allows us to reduce and simplify the wing-to-wing IT audit process. |
| Proven implementation methodologies | A 360° approach that enables organizations to address the full picture, aligned to COBIT, ISO 27001 and NIST. Process- and metrics-oriented to guarantee visibility, reproducibility and repeatability, and tailored to meet specific requirements for each client. |
| In-depth knowledge | Security policy definition, revision and update. Application and network security assessments, as well as 3rd-party/supplier evaluations. IT audit execution and support. Metrics, dashboards and report generation. Up-to-date security awareness. |