January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern...
-
Upload
terrence-harless -
Category
Documents
-
view
215 -
download
2
Transcript of January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern...
![Page 1: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/1.jpg)
January 2008
![Page 2: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/2.jpg)
BugSec ProductsBugSec Products
![Page 3: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/3.jpg)
ChallengesChallenges
Data security aspects become a critical elements in modern companies proceeding.
Many organizations are required to comply with information security standards, such as PCI, BASEL II, HIPAA, SOX and more
Because of these regulations and threats, implementation of a new software or system becomes very “painful” and takes a long time
![Page 4: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/4.jpg)
The Present SituationThe Present Situation
Security problems may cause unnecessary costs and schedule delays
Systems must undergo penetration tests before production
At the final stage, the development of each solution necessitates the investment of extensive resources
Conclusion:Conclusion:The implementation of security means during the development process
saves time and money
![Page 5: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/5.jpg)
FactFact
NIST (National Institute of Standards and Technology):
“…the cost of fixing defects after deployment is almost fifteen times greater than detecting and eliminating them during development”
![Page 6: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/6.jpg)
Sec2Pro FunctionsSec2Pro Functions
Increases awareness to the importance of information security
Implements security best practices into development processes
Automates procedures, ensures their assimilation by programmers, keeps track of their implementation in practice
Receives feedback from programmers regarding adherence to guidelines
Produces control reports for management(Cont.)
![Page 7: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/7.jpg)
Sec2Pro Functions Sec2Pro Functions (cont.)(cont.)
Significantly reduces penetration testing timesVerifies compliance with required standards and
regulationsProvides programmers with ongoing updates regarding
threats and newly issued regulatory requirements
![Page 8: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/8.jpg)
Sec2ProSec2Pro
Integrated hardware (appliance) / software system Straightforward assimilation and operation “Translation” of regulations and standards into specific
instructions Broad knowledge base for all development environments and
infrastructure Intuitive, efficient and accessible knowledge base Ongoing updates regarding technological issues and regulatory
requirements Online communication among all project components through
one system
![Page 9: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/9.jpg)
Sec2ProSec2Pro
Sec2Code includes 2 configurations: Notifier – tracks code writing and refers the programmer
to relevant information in the knowledge base Project Checklist – manages security aspects during
programming
Sec2Net Procedures and a checklist for hardening IT
infrastructures
![Page 10: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/10.jpg)
Opening a New ProjectOpening a New Project
Opening a new project includes the participants, software languages and regulations
Click to enlarge
![Page 11: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/11.jpg)
Back
![Page 12: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/12.jpg)
Interrogation & Input DataInterrogation & Input Data
The system generates a checklist according to the project definitions
Click to enlarge
![Page 13: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/13.jpg)
Back
![Page 14: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/14.jpg)
Programmer SupportProgrammer Support
The system provides the programmer with detailed explanations, including suggestions on how to resolve a variety of problems – from fundamental issues to examples of relevant codes
Click to enlarge
![Page 15: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/15.jpg)
Back
![Page 16: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/16.jpg)
Reporting ToolsReporting Tools
The system provides managers with on-line progress reports
Click to enlarge
![Page 17: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/17.jpg)
Back
![Page 18: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/18.jpg)
Sec2Code NotifierSec2Code Notifier
Subtle pop-up notification appears when an object requires attention
A hyperlink directs to the relevant page in the knowledge base
The application is transparent to the user
Click to enlarge
![Page 19: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/19.jpg)
Back
Sec2Code NotifierSec2Code Notifier
![Page 20: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/20.jpg)
System BenefitsSystem Benefits
Unique “open architecture” moduleAbility to add checklists of any kindOrganizations can independently construct tailored
development environments meeting their specific needs
Shorter penetration testing times Ability to set earlier project launch datesReduced dependency on external consulting services
![Page 21: January 2008. BugSec Products Challenges Data security aspects become a critical elements in modern companies proceeding. Many organizations are required.](https://reader035.fdocuments.us/reader035/viewer/2022062620/5519fca355034619378b475d/html5/thumbnails/21.jpg)
Thank YouThank You
For more details cont us:
11 Moshe Levi St., Rishon le Zion 75070, IsraelTel: +972-3-9622655 | Fax: +972-3-9511433 | E-mail: [email protected]
Visit us at our website: www.bugsec.com