
Security Innovation focuses on the most difficult problems
of IT security - those at the application layer. Exploitability of
applications due to poor design has reached epidemic levels and
perimeter/network defenses are not enough to protect your business.
We help you build, deliver, deploy and test applications to ensure
your enterprise is as secure as it can be.
Holodeck Enterprise Edition
Comprehensive Simulation, Testing, and Tuning. Holodeck is
a unique testing tool that uses fault simulation to emulate
real-world application and system errors. This allows testers and
developers to work in a controlled, repeatable environment to
analyze and debug error-handling code in hostile environments.
Holodeck performs complete application monitoring, error-logging and
fault simulation, making it ideal for adept testers that need to
understand the underpinnings of their applications for reliability
testing. You can cover more code, hit more error conditions, and
gain confidence in the reliability of your code. Applications that
stand up to Holodeck attacks are by definition not fragile.
Unprecedented Control. Faulty error-handling code tends to be
riddled with serious reliability, security, and functional defects
and typically goes uncovered by conventional testing methods.
Holodeck's point-and-click environment simulation provides powerful
and comprehensive reliability and error handling testing without
disrupting the rest of your system. Because you have complete
control over all Windows, .NET, and API calls that your application
makes, you can trick your application into thinking that it is out of
memory, network bandwidth is maxed out, or that a registry file or
key it needs is corrupt. Holodeck can be used as a stand-alone tool
or in conjunction with automated test tools or IDEs such as
Visual Studio.
Holodeck provides testers and developers with the following
benefits:
- Safe fault injection and environment simulation
- Comprehensive reporting
- Application insight via detailed application monitoring
- API integration with automated testing tools
- Built-in debugger for fast problem solving
- Automated scheduled and random test generation
- And more
Training Courses
How to Break Software Security.
Learn how to recognize potential security holes before attackers do!
This course is designed to give testers and developers the tools and
techniques they need to help find security problems before their
application is released. Course content is based on the first book
to be published on the topic of application security testing: How to
Break Software Security.
Software Testing Boot Camp. This
course is unique in the security industry. It is a follow-on to the
course How to Break Software Security. Instead of learning through
just lecture and general hands-on labs, this course walks the
students through the security issues of the actual application that
they are testing day in and day out.
How to Break Web Security. The
web is the internet’s killer app. This makes web servers a good
target for hackers. In fact, 97% of all web applications are
vulnerable. Why? Network security isn't the answer. We will explore
a model for web application testing as well as web application
concerns including accountability, availability, confidentiality and
integrity.
How to Break Software. This
workshop introduces our 17-step methodology to effectively and
efficiently test software. Attendees learn a very applied and
non-rigid approach to test software for common bugs. It's a
departure from conventional testing in which testers prepare a
written test plan and then use it as a script when testing the
software.
Fundamentals of Secure Coding.
If a process deep in the bowels of a product crashes because it
receives bad data or because a resource that should have been there
was not, it is still a crash and reduces the availability of the
product. We will show you how to write secure code, reducing the
susceptibility of code to vulnerabilities either unintentional or
intentional.
Attacker Techniques Exposed: Threats,
Exploits and Vulnerabilities. The course begins by
walking students through several examples of security breaches. The
case studies will illustrate the broad range of threats that
organizations face from both external attackers as well as insiders.
For each attack scenario, we will go through the underlying flaws,
exploits, vulnerabilities and consequences.
Software Security Testing Best Practices.
Attendees get the basics on how to conduct a security threat
assessment of their systems before or after they go live. They learn
how to develop a comprehensive security test strategy and build a
team with the right mix of skills and experience to execute it.
Introduction to Reverse Engineering.
This course has been delivered to some of the best and most elite
‘Red Teams’ in the world. It gives developers/testers an entirely
new skill set that will immediately set them apart from their peers.
Course content includes the techniques of static and dynamic
analysis and how they can be used to identify vulnerable ‘hot spots’
in applications.
Security Innovation can be found on the web at
www.securityinnovation.com