Quickly and cost-effectively embed security testing into software development life cycle
Applications have become the primary vector of successful IT security attacks, with 90% of reported security incidents resulting from exploits against defects in the design or code of software.1 Further enhancing the threat is a dramatic increase in the attack surface brought about by new architectural standards, such as cloud and mobile. To protect against these threats, organizations must take a proactive approach to securing their applications.
DXC Applications Security on Demand, powered by Micro Focus Fortify, identifies security defects and vulnerabilities in applications by delivering static and dynamic security testing as a service. DXC Applications Security on Demand is hosted in our cloud, backed by DXC expert analysis and is delivered through a simple, consumption-based pricing model.
Security testing as a service can be quickly and cost-effectively embedded into every stage of your full software development lifecycle – design, build, test, and deploy. By embedding testing earlier into the lifecycle, development can be done more efficiently while reducing the costly rework at later stages in the lifecycle.
Supported Applications:
- ABAP/BSP
- ActionScript/MXML (Flex)
- ASP.NET, VB.NET, C# (.NET)
- C/C++
- Classic ASP (w/VBScript)
- Cobol
- ColdFusion CFML
- HTML
- Java (including Android
- JaveScript/AJAX
- JSP
- Objective-C
- PHP
- PL/SQL
- Python
- Ruby
- Swift
- T-SQL
- Visual Basic
- VBScript
- XML
DXC Applications Security on Demand enables:
Static Applications Security Testing: Static assessments provide security scanning, auditing and reporting on a variety of programming languages. Using industry leading tools, source code analysis of applications is completed with expert validation and reporting.
Dynamic Applications Security Testing: Dynamic assessments provide security scanning, auditing and reporting for any Web-based application in an active environment.
For more than 15 years, DXC has been delivering services to help secure our client’s applications. And, now, with a flexible, consumption-based, automated testing as a service, DXC Applications Security on Demand can help clients quickly and cost-effectively address application security early and continuously through the software development lifecycle.
1 Source: US Department of Homeland Security’s (DHS) US Computer Emergency Response Team (US-CERT)