IBM has tapped its Rational Software tools division to deliver software that advances security analysis. New software analysis capabilities provide a more efficient and accurate way to help organisations design, build and manage secure applications, the company said.
The offering, based on software IBM received through its acquisition of Ounce Labs, consolidates software vulnerability analysis and reporting into a single view across the enterprise. This allows developers to assess security threats across the entire software development lifecycle, enabling global teams to easily identify and test security exposures and help reduce the risks and costs associated with security and compliance concerns, IBM said.
For example, organisations can use the software to automate application security audits and source code scanning to ensure that the network and Web-based applications are secure and compliant. The company claims this delivers improved accuracy of vulnerability identification and remediation.
According to IBM’s 2010 mid-year X-Force Trend Report, 55 percent of all vulnerabilities come from Web applications, making it the greatest source of risk for organisations. The research indicates that computer security threats rose by 36 percent in the first half of 2010, resulting in more than 4,000 new vulnerabilities being documented compared to last year.
Web applications are often vulnerable due to a lack of built-in security. To reduce these risks, organisations need to implement security strategies that ensure applications are designed securely across the entire development lifecycle, from start to finish, IBM said in a press release. Finding ways to extend security analysis across more testers in the security process and employing multiple testing techniques should result in higher-quality and more secure applications
“As vulnerabilities become more prevalent, testing across the entire development lifecycle without having to invest in additional development resources and skills is significant for the bottom line,” said Steve Robinson, general manager of IBM Security Solutions. “Through the ongoing value brought by the acquisitions of Ounce Labs and Watchfire, combined with our R&D expertise, we can now provide more comprehensive security governance, collaboration and risk management solutions that further protect organisations from malicious attacks.”
Meanwhile, the new advancements in the IBM Rational AppScan portfolio simplify and automate security scanning with new hybrid analysis capabilities, improving vulnerability identification and remediation. The hybrid analysis provides automated correlation of results from static code and dynamic analysis to increase vulnerability identification in automated software.
Enhancements to the IBM Rational AppScan portfolio include a consolidated view of vulnerabilities with hybrid analysis reporting, broader scanning access to identify blind spots, a simplified security assessment process, and support for multiple frameworks.
In addition, IBM announced support for federal security protocol, CAC/PKI, for the IBM Rational Software portfolio. The CAC/PKI protocol enhances the ability of governments to prevent unauthorised access to physical and digital environments, compromising the security of military and national initiatives. IBM provides a full range of services for the detailed design, development and implementation of smartcard/biometrics and CAC/PKI implementations as part of the efforts to deliver full software lifecycle support of CAC/PKI and other security protocols.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…