Denim Group’s ThreadFix 2.7 supports flexible structuring of application security programs
Denim Group launches the latest version of ThreadFix, the company’s application vulnerability resolution platform for developers and security professionals. ThreadFix 2.7 unites Denim Group’s ThreadFix platform with their professional and managed services, providing customers the ability to request services from ThreadFix User Interface (UI) and have the results of these services delivered to their ThreadFix platform upon completion.
This most recent update allows Denim Group’s customers to receive actionable data, rather than a stagnant PDF, enhancing communication with their development teams for remediation of vulnerabilities.
ThreadFix 2.7 provides the flexibility and capability for any organization to tune their program for effectiveness. Customers who require support to maintain an application security program can assign tasks, such as assessments and source code review, to Denim Group’s team who provide on-demand testing and application vulnerability resolution.
This service reduces the friction associated with implementing testing programs by allowing customers to request QuickCheck assessments through the platform. These assessments go beyond the automation that scanning vendors provide to include false positive culling and time-boxed manual testing.
“Our goal is to provide our customers with the freedom to easily build the application security programs they want,” said Dan Cornell, CTO and Principal of Denim Group.
“ThreadFix 2.7 provides organizations with the viable option to outsource components of their programs in order to free up time and resources, enabling teams to focus on developing strategy, interacting with executives to get buy-in on managing software risk, developing security architecture around CI/CD pipelines, and working with development teams to threat model new applications.”
Additionally, the ThreadFix platform offers application portfolio reporting characterized by risk, along with information on the assessment activity, in order to provide organizations with a program-oriented view of the applications being managed. This allows teams to define risk as it relates to criticality of application, how severe the vulnerabilities are, when the last time the user ran a scan/assessment, and what vulnerabilities should be fixed first. This risk-centric view ensures that the organization can identify issues and blind spots.
The structuring of application security programs is challenging for organizations who are limited by budget, talent and knowledge. Through enhancements to ThreadFix, Denim Group is putting power back in the hands of the businesses, enabling them to grow their application security initiatives by amplifying the value of their team’s resources.
ThreadFix 2.7 delivers a defined view application portfolio risk and brings knowledgeable outsourcing resources so that all organizations can address software security.