Software Security

As the business criticality of software grows, ensuring that your company's software and confidential data are protected and secure becomes increasingly important. Cigital helps companies big and small meet this challenge by providing consulting services across the entire spectrum of software security. Whether you need application or architecture assessments, penetration testing, up-to-date coding standards, or help with tool selection and implementation, we can help.

Cigital provides independent, unbiased advice on software security across the enterprise. We are recognized experts who apply a combination of proven methodologies, tools, and best practices to meet each client's unique requirements.

A one-stop shop for software security — Cigital's Service offerings span all software security activities including:

Static Code Review (Static)

  • Source Code Scanning
  • Customized source code reviews
  • Code coverage tools in conjunction with dynamic analysis
  • Vulnerability detection in coding phase
  • COTS/Open Source product review
  • Binary Code Scanning

Application Pen Testing (Dynamic)

  • Web Application scanning
  • Database Server scanning
  • Web Server & Application platform scanning
  • Vulnerability detection in test/QA and operations

Architectural Risk Analysis (Architecture)

  • Threat Modeling
  • Attack vectors
  • Threats
  • Trust zones
  • Ambiguity analysis
  • Gap analysis
  • Vulnerability prevention & correction in analysis and design phases

Vulnerability Remediation

  • Activities aimed directly at repairing previously discovered weaknesses in software, technology, and processes

Coding Standards

  • Definition, customization and documentation of industry and corporate security-related standards and best practices

Security Assurance Tools

  • Implementation or improvement of any SDLC, data, or network security tools anywhere in the enterprise to provide a "one-stop shop" solution

For additional information on our services, read our Software Security offerings [PDF]. Contact us today at 800-824-0022 or e-mail us.




"By 2009, 80% of companies will have suffered an application security incident... 75% of hacks occur at the application level."
Source: Gartner
Dec. 2005