Application Security Management
Failing to protect web applications from malicious attacks can lead to financial loss, legal complications and damage to your organization's reputation. Softtek offers a mature and proven service which helps you align your data protection and application security efforts to your business's risk management strategies.
Softtek service value
Softtek’s Information Security managed services provide a cost-effective solution for risk remediation. The program protects your web applications by defining strategies aligned with your organization's information controllership. Supported by Softtek’s IT security professionals and security auditors, the program also includes information quality levels, vulnerability updates, research, consulting and security support.
Application Security Services
- Security Assessments
Softtek will identify security vulnerabilities in your application portfolio, and will provide recommendations to protect your company’s data and information assets.
White Box
Comprehensive analysis of source code and documentation (i.e. technical specs) to understand how program components interact, identify and report vulnerabilities, and provide specific remediation guidelines.
Black Box
Also called application penetration testing or ethical hacking, the goal is to find security flaws by using the same techniques hackers use. It can be performed on any “live” environment.
Grey Box
The service includes performing real-time security tests on in-production web applications. Source code is provided to pinpoint the portions of code that might cause a breach.
- Application Security Awareness Management
- Application Security Policy Definition
- Application Data Classification
- Application Security Training for Application Development Teams
- Business Application Security Program
- Application Architecture and Design
- SDLC Integration
Why Softtek
| Experience | More than 12 years of experience delivering Information Security services. Expertise that allows us to reduce and simplify the wing-to-wing IT audit process. |
| Proven implementation methodologies | A 360° approach that enables organizations to address the full picture, aligned to CobIT, ISO 27001 and NIST. Process and metrics-oriented to guarantee visibility, reproducibility and repeatability, and tailored to meet specific requirements for each client. |
| In-depth knowledge | Security policy definition, revision and update. Application and network security assessments, as well as 3rd-party/supplier evaluations. IT audits execution and support. Metrics, dashboards and reports generation. Up-to-date security awareness. |
Insights
- State-of-the-Art Software Security. Softtek Information Security Practice. February 2013 / English
- Application Security Program: Gaining Visibility of Threats through Metrics. Leonel Navarro - Security Business Leader, Softtek & Juan Carlos Calderon - Security Research Leader, Softtek. February 2010 / English
- Measuring Progress in Application Security: Six key conditions for metrics-driven programs. By Leonel Navarro, Project Management Professional. February 2010 / English
- Preparing a Strategy for Application Vulnerability Detection: Setting the basis to secure critical information assets. By Juan Calderon. October 2009 / English

















