Early life cycle security assessment service

HP announced Comprehensive Applications Threat Analysis, a new security service to help companies reduce vulnerabilities at the onset of the application development life cycle by addressing latent defects in applications and architecture.

The service provides architectural as well as design guidance alongside recommendations for security controls and best practices. Companies can then implement recommendations from the assessment’s comprehensive findings report to reduce costs associated with vulnerability rework and potential defects while minimizing the need for post-release updates to address security flaws.

As part of the HP Secure Advantage portfolio, the service helps organizations better address security and regulatory needs. It also defends against attacks while reducing the total cost of application ownership. The service is an integral part of the HP Cyber Security portfolio, which helps organizations leverage advances in technology and share information securely while protecting sensitive information and critical infrastructure.

The new service offering provides the following capabilitiese:

• The Security Requirements Gap Analysis provides clients with access to valuable security expertise and the tools to fix and avoid security issues. This capability closely examines applications to identify often-missed technical security requirements imposed by relevant laws, regulations or practices
• The Architectural Threat Analysis reduces client rework costs resulting from security scans, penetration tests and other vulnerability-finding activities. This capability identifies changes in application architecture to reduce the risk of latent security defects.