On Demand
Automated, on-demand application security solutions. Created by a world-class team of application security experts from @stake, Guardent, Salesforce.com, VeriSign, and Symantec, the company delivers services to identify software flaws introduced through coding errors or malicious intent.
- Whether you are developing applications or procuring them from a third-party vendor, Veracode makes it simple and cost-effective to secure your applications from vulnerabilities that can put your organization at risk.
- Veracode provides an independent, trusted assessment of the security level of your applications.
- Veracode provides the most complete, accurate and actionable application security review. We help you fix what matters most to your business.
Static
Applications can be analysed by the latest binary scanning technology. This method strives for less than 15% false positives and a turnaround of under 72 hours, so you can handle your application security accurately and when you need it. Access to source code is not required. The process involves uploading binaries (or executables) of an application via a secure transport protocol to a secure portal. The company analyses the application and produces a detailed, tailored report to the portal. This is only available today for applications written in Java, C and C++.
The beauty of this service is that you can check on COTS packages as well as in-house written applications. It is often implemented in conjunction with a dynamic scan to return a comprehensive security profile of the application. Ever wondered if that new application from a ‘reputable’ vendor contains vulnerabilities? The other good thing about an on-demand service is that there is no installation, set-up, hardware etc. Want a one-off scan of a particular application? No problem. This can also be arranged.
Dynamic
Any web application can be scanned in its live environment. All you have to do is give the scanning service company the URL and log-in permissions and they will do the rest. They crawl the application first and map out the entry/exit points etc. Then they subject the application to a comprehensive scan, and within 72 hours you have the results.
Some organisations are demanding that vendors of COTS packages submit their applications to this service before they get the green light in procurement. A vendor gets the comprehensive report with remediation advice and the customer gets the Executive Report with the score. After the remediation has taken place we will guide the vendor through a re-scan exercise. It is often implemented in conjunction with a static scan to return a comprehensive security profile of the application.
This is a subscription service where you commit to 10, 25, 50, 100…scans over a period of 1 year; however, one-off scans can be arranged. This is very cost-effective. For sample reports or more information please contact us.