Application Security

Continuously manage, monitor and audit application security.

SPS can help you proactively secure their business-critical applications from external and internal threats throughout their entire lifecycle from design to implementation and production.

We use the following products to help organization’s achieve complete control over their applications security:

Rational AppScan

• Provides automated web application scanning and testing for common vulnerabilities
• Scanning and intelligent fix recommendations are provided for WASC threat classifications such as SQL injections, cross-site scripting, forgery and buffer overflow
• The AppScan portfolio includes solutions for developers, QA and security professionals, as well as a hosted OnDemand SaaS offering for organizations looking to outsource their application security requirements

ISS Threat Mitigation Services Application Security Assessment

• ISS performs intrusion tests using known hacker techniques to thoroughly assess an organization’s applications from technical and non-technical perspectives
• Detailed reports with specific recommendations are provided for addressing any found vulnerabilities

ISS Proventia Web Application Security

• Delivers a richer and less-complex Web security solution without the additional investment of a stand-alone Web application firewall
• Offers proactive protection for Web Applications, Web 2.0 and databases
• Helps meet regulators' compliance requirements and industry standards such as PCI DSS 

Tivoli Access Manager for e-business, business integration, operating systems and single sign-on

• Policy-based access control solution for e-business and enterprise applications
• Helps manage growth and complexity, controls escalating management costs and reduces the difficulties of implementing security policies across web and application resources
• Ranked in the ‘leader quadrant’ by Gartner

Tivoli Security Policy Manager

• Minimizes operational inefficiencies and vulnerabilities related to entitlements and SOA security policy management
• Enforces policies at runtime and helps direct change and control policies more centrally to quickly and efficiently address new or more stringent compliance requirements
• Uses federated policy management to help bridge the gap between business and IT approaches to security policy
• Enables end-to-end application authorization using flexible policy administration and standards-based policy decisions

Tivoli Federated Identity Manager

• Addresses the issues and pains involved in identity federation and user lifecycle identity management

For questions, please send email to idm@spsnet.com.

<< Go Back