SPI Dynamics Introduces SecureObjects for Microsoft Visual Studio .NET 2003
First and Only Class Library Designed for Web Application Developers to Build Security into Applications from the Ground Up
ATLANTA – June 28, 2004 – SPI Dynamics, the expert in Web application security, today announced SecureObjects, the first and only class library of objects specifically designed to provide application security. A next generation approach in the convergence of application development and security, SecureObjects enables developers to write secure application code from the ground up by delivering commonly used objects that are written securely. The first version will be fully integrated with Microsoft Visual Studio .NET 2003.
“Implementing application-level security in a form factor that is familiar and convenient for the developer is a proactive approach that directly addresses secure coding issues at the beginning of the application lifecycle without requiring the developer to learn new skills or change their current process,” said Richard D. Stiennon, Vice President, Gartner Research. “By providing developers with secure software building blocks, they gain the ability to implement secure code in real-time as an application is being developed. This will inevitably improve software quality and ultimately improve development productivity, shortening the development cycle and reducing the concern of security risks once the application is in production.”
SecureObjects empowers developers with security expertise while requiring “zero change” in their existing development process and no impact on their biggest concern – time to market. By leveraging SPI Dynamics’ extensive application security expertise and with a foundation that is based on the industry’s most comprehensive Web application vulnerability database, SecureObjects class libraries will help address 70 percent of defects exposed by insecure application coding practices. SecureObjects helps businesses to significantly reduce the overall cost and resources associated with the development of applications by providing a proactive way of incorporating security in the beginning stages of development, instead of later in the development cycle or once the application is in active production.
“Microsoft is pleased that SPI Dynamics has integrated its solution into Visual Studio .NET 2003 and is providing developers with a best practices security approach across the entire development life cycle,” said Shawn Nandi, product manager in the .NET Developer Product Management Group at Microsoft Corp. “With SecureObjects, SPI Dynamics is providing our mutual customers with a way to help develop secure code without a change in their normal coding routine.”
“The introduction of SecureObjects continues to deliver on SPI Dynamics’ leadership role in application security and our vision of continuing to provide in-depth solutions for addressing security for all enterprise users involved in application development,” said Caleb Sima, founder and CTO of SPI Dynamics. SecureObjects provides developers with a vigilant and proactive approach to addressing defects in application code at the core of development within the environment they’re familiar with today.”
SecureObjects will be integrated with current SPI Dynamics’ offerings for the Microsoft development community. Customers of SPI Dynamics’ WebInspectâ„? for Developers – Microsoft Visual Studio .NET version application security testing and assessment product will be provided with SecureObjects reference codes within their testing environment. This will enable developers to utilize SecureObjects in the remediation phase for security defects detected by WebInspect to quickly identify and eliminate application security defects. This combined solution enables developers to find and fix code level security defects within their current working environment.
SecureObjects 1.0 features include:
Input Validation objects will check incoming data on web forms to validate user-supplied input against a set of rules and prevent parameter manipulation exploits, such as SQL Injection attacks.
Error Handling objects will manage the security events generated from the other objects in the library. These objects will catch the security events as they occur, initiate a response and log them to the Windows Event Log.
Microsoft Visual Studio .NET 2003 integration will encompass wizards and drag-and-drop capabilities to easily implement SecureObjects within existing or new projects built with Microsoft ASP.NET.
Availability and Pricing
SPI Dynamics SecureObjects 1.0 will be available in Q3 2004. For pricing information please contact SPI Dynamics at (678) 781-4800 or info@spidynamics.com.
About SPI Dynamics
SPI Dynamics, the expert in application security, provides products that empower organizations with the solutions needed to address flaws in the application layer throughout the lifecycle, and assess the risk associated with current business applications that are already in active use within the corporate environment. The company’s flagship product line, WebInspect, assesses the security of an organization’s critical applications and web services. Software developers, quality assurance professionals, corporate security auditors, compliance officers and security operations experts use WebInspect products throughout the application lifecycle to identify security defects. For more information visit www.spidynamics.com or call (678) 781-4800.