HP has introduced a new security service, which it claims to help companies reduce vulnerabilities at the onset of the application development life cycle.
The company claims that the new Comprehensive Applications Threat Analysis service helps companies to implement recommendations from the assessment’s comprehensive findings report to reduce costs associated with vulnerability rework and potential defects while minimising the need for post-release updates to address security flaws.
According to HP, the new service offers Security Requirements Gap Analysis to provide clients with access to valuable security expertise and tools to fix and avoid security issues. This capability closely examines apps to identify often-missed technical security requirements imposed by relevant laws, regulations or practices.
The new services also offers Architectural Threat Analysis to reduce client rework costs resulting from security scans, penetration tests and other vulnerability-finding activities. The capability also identifies changes in application architecture to reduce the risk of latent security defects.
In addition to the Comprehensive Applications Threat Analysis service, HP offers Quality Center for security requirements, Application Security Center for web application vulnerability testing and Application Security Center of Excellence (CoE) Services to help organisations develop an application security program.
Chris Whitener, chief security strategist of Secure Advantage at HP, said: "Customers are under increasing pressure from threats that exploit security weaknesses that were either missed or insufficiently addressed during early life cycle phases.
"The HP Comprehensive Applications Threat Analysis service helps organisations reduce hidden weaknesses early in the assessment process and provides recommended mitigation strategies and secure design principles."