Center of Excellence
Our Application Security Center of Excellence (CoE) package is designed to help your team exploit application security software to its fullest value, from the ground up. The goal of the CoE offering is to train an internal AppSec expert who will become proficient at integrating static and dynamic testing, detection, triage and remediation functions into your SDLC.
- We believe good application security begins with identifying all applications currently in use at the enterprise level, and setting appropriate and enforceable standards. Following the OpenSAMM model, we do a full audit to inventory and prioritize your existing applications and determine the maturity of your application security program.
- Next, we correct configurations, harden and upgrade operating systems and web servers, referencing intelligence from the National Vulnerability Database or Common Weakness Enumeration (CWE).
- Finally, our AppSec experts start testing the applications and sharing the results. We’ll train your programmers in best practices for security coding, and help them remediate any problems — documenting all issues and fixes through comprehensive, easy-to-understand and compliance-friendly reports.