Security Innovation Outlines Strategy to Solidify Position as Authority on Application Security

Driving Change by Addressing Root Cause with Newly-expanded Training Library and Partnership with Florida Tech to Create Cyber Security Certification Program

WILMINGTON, Mass.--(BUSINESS WIRE)-- Security Innovation outlined its strategy to solidify its position as the authority on application security knowledge by markedly expanding its eLearning library and launching a cyber security certificate program with Florida Tech. The 14 new computer-based training courses complement the company’s products and consulting services to help organizations build higher quality, more secure software. At the core of Security Innovation’s strategy is its work with companies to improve the process by which their applications are built – an approach that is gaining significant traction as the need to comply with regulations and understand all aspects of a company’s software risk increases. Security Innovation also announced today that Florida Tech is augmenting its continuing education curriculum with an online cyber security certificate program based on Security Innovation’s TeamMentor^TM and TeamProfessor^TM products.

Since applications have become a top target for malicious attacks and exploit, Security Innovation enables organizations to be proactive about secure software development and application risk management. Organizations such as Allstate, Barclays, Boeing, HP, MassMutual, Microsoft, Nuance, Qualcomm and UBS leverage Security Innovation’s expertise to help them understand the maturity of their application security process and adopt a secure SDLC (software development lifecycle.) This often includes a mapping of application security to compliance initiatives such as PCI-DSS or ISO 27001/2, and noted industry best practices, such as OWASP Top 10.

“Until now, the primary approach to application security has been reactive, either finding and fixing flaws or trying to defend web application attacks, while the more sophisticated and proactive security defenses have been concentrated on network security,” said Ed Adams, CEO of Security Innovation. “Rather than accepting vulnerabilities in applications and dealing with them in deployment, which elevates an organization’s risk profile dramatically, Security Innovation’s strategy is to proactively address the root cause of these vulnerabilities through the adoption of defensive coding techniques, and eliminate them from the start.”

Florida Tech Cyber Security Certification Program

The new Florida Tech cyber security program is aimed at professionals and students looking to improve their skill set with a recognizable certification from an accredited and globally-renowned university. This is an important step in driving behavioral change in higher education. The Florida Tech program is built on 15 courses from Security Innovation, such as “Architecture Risk Analysis,” “Creating Secure Code,” and “Introduction to Threat Modeling.” It also includes an online forum and live professor interaction.

“We have seen a steady increase in interest from our students in furthering their expertise as it relates to application security, especially as companies are offering new opportunities to candidates with this knowledge,” said Cliff Bragdon, Executive Vice President at Florida Tech. “We share Security Innovation’s strategy to drive process and cultural change as it relates to software security, and believe that the breadth and depth of its coursework set it apart as the authority on application security knowledge.”

Security Innovation’s work with Florida Tech is an important step in what it believes must be an industry-wide collaboration to truly change how software security and quality is approached. To drive this, the company will provide access to its computer-based training for students before they become software engineers, as well as for professionals during their careers. “The point is not to build more security professionals.” says Adams, “Instead, we want to help integrate security into the daily activities of software architects, developers, and QA professionals.” Therefore, in addition to extending its partnerships with higher education institutions, Security Innovation also plans to work with top IT training providers, as well as with security product vendors.

“The right way to address application security starts with an understanding that it extends beyond secure coding. It needs to start with the right requirements, the strategic choice of design components, and then the actual coding,” said Charles Kolodgy, research vice president, security products, IDC. “Today’s tools find problems after they’ve been designed and coded into the software. Security Innovation is bringing the industry’s broadest set of knowledge and experience to organizations to improve their focus on security and quality throughout the SDLC so that problems are not introduced in the first place.”

Security Innovation Key Offerings

Security Innovation’s eLearning content serves as the foundation of remediation recommendations and application security improvements. The company’s products have grown 10 fold in terms of number of users in the past 12 months. TeamProfessor helps organizations build skills for defensive and secure coding techniques. TeamMentor proactively guides practitioners as they design, build and test software. Security Innovation is continually expanding the content of these products. Today it has the industry’s largest application security training curriculum, with more than 35 courses and over 70 hours of computer-based training content. It also recently created TeamMentor OWASP Edition, a free open-source version of its TeamMentor Enterprise Edition. TeamMentor OWASP Edition provides secure coding guidance to teams looking to adopt OWASP Top 10 into their policies and processes.

Security Innovation’s expertise extends to mobile applications as well. NTRUEncrypt^TM, an alternative asymmetric algorithm to the more well-known RSA and Elliptic Curve Cryptography (ECC) algorithms, was named winner of the 2011 Tomorrow's Technology Today Award for mobile encryption. NTRU is easily consumable in the CyaSSL+ product, and it eliminates the need for companies building mobile applications to have to choose between security and performance when implementing SSL. NTRU has been adopted as an encryption standard by IEEE and X9 standard, both globally recognized organizations for technology and secure banking transactions.

In other news today, Security Innovation announced NTRUEncrypt has been approved as X9 standard for data protection.

About Security Innovation

Security Innovation is an established leader in the application security and cryptography space. For over a decade the company has provided products, training and consulting services to help organizations build and deploy more secure systems and improve the process by which their applications are built.

Security Innovation built upon its core competencies in application security with the acquisition of NTRU CryptoSystems in 2009, a company that developed proprietary, standardized algorithms. This resulted in the strongest and fastest public key cryptography available and the means to overcome historical performance barriers that have plagued the encryption industry. With these core strengths intact, Security Innovation is in a position to help organizations protect their data at two critical points: while applications are accessing it and during transmission. The company’s flagship products include TeamProfessor, the industry’s largest library of application eLearning courses; and TeamMentor, a web-based secure development methodologies product.

Security Innovation is privately held and is headquartered in Wilmington, MA USA.

Note to Editors: Security Innovation, NTRUEncrypt, TeamMentor, TeamProfessor and the Security Innovation logo are trademarks of Security Innovation. All other brand names may be trademarks of their respective owners.

Security InnovationMaureen Robinson, 978-694-1008 x121
[email protected]
or
Lois Paul & PartnersLucie Mann, 781-782-5863
[email protected]

Source: Security Innovation