Sirius Computer Solutions
Application Security Is an Essential Part of Your Overall Security Strategy (November 2011)
Web-based applications at particular risk

Applications -- particularly Web-based applications -- represent more than 75 percent of the new security vulnerabilities uncovered each year. As more business logic and sensitive data are exposed externally to enable mobility, cloud-based solutions, other business requirements and regulations, the risks to application security cannot be overstated.

Many organizations assume their applications are protected by security defenses such as firewalls, intrusion prevention, and vulnerability management solutions. These defenses are all part of a well-rounded security program, but Web applications present unique threats and challenges that require specific attention. Exploits such as SQL injection and cross-site scripting (XSS) are common in Web applications, and have been used in a number of significant data breaches in recent years. In addition, a number of lesser-known vulnerabilities and configuration problems are commonly uncovered in application assessments.


Sirius has developed a variety of application security services for a broad range of clients, from regulated environments with sensitive data subject to PCI, HIPAA/HITECH and privacy statutes, to software developers with quality and reputation concerns. Sirius can assist with:
• Evaluating current application security practices through application architecture reviews
• Vulnerability testing
• Software development life cycle and process reviews
• Code reviews
• Developer training on application security concepts, risks and countermeasures.

These services improve the stance of deployed applications and future development work, allowing our clients to secure the complete software development life cycle. Sirius uses recognized frameworks and best practices from organizations such as the Open Web Application Security Project (OWASP) and the Web Application Security Consortium (WASC). Our extensive industry experience allows us to build robust solutions to our clients’ application security needs.
Application security-focused offerings include:
• Application security vulnerability testing, “black box” to full site testing
• Architecture reviews of the full application stack and security controls
• Code reviews of critical code areas in all major programming languages
• Software development practices and lifecycle (SDLC) security reviews
• Training for developers, QA and security staff on secure development practices and testing

Partnering with leading solution partners (including IBM, Cisco, F5, HP, Palo Alto Networks, Symantec and VMware) also enables us to provide end-to-end security solutions across the entire framework of your business in the most cost-effective and efficient manner.
To learn more about Security and Compliance Solutions from Sirius, contact your Sirius client executive, or visit the Sirius Security and Compliance Solutions page at MySiriusZone.
Article in November 2011 Sirius Connect Newsletter
Copyright 2011, Sirius Computer Solutions. All rights reserved.
