SPI Dynamics Announces SecureObjects 1.5 to Automate Development of Secure Application Code

ATLANTA – April 5, 2005 – S.P.I. Dynamics Incorporated, the leader in Web application security testing software, today announced SecureObjects 1.5. SecureObjects is the only solution available that automates the development of secure Web applications from the ground up, quickly and easily, without the need for specialized security knowledge and without the risk of slowing aggressive product release schedules.

“Today, the most frequently occurring security breaches take place at the application layer. Many of these breaches are facilitated by underlying application code that is written insecurely,” said Caleb Sima, CTO and co-founder of SPI Dynamics.

“Security at the application level is one of the greatest technical challenges facing IT organizations. Evolutionary technologies will not be embraced until security problems are solved. Security vulnerabilities must be viewed and treated as defects and applications must be built securely from the beginning. This translates to the need for a comprehensive plan for addressing security throughout the software development lifecycle. Having security at the start is crucial. Having the proper processes along with the right technology is critical,” said Theresa Lanowitz, Research Director, Gartner, Inc.

Sima adds, “Software developers are not security experts, yet we must be able to rely on them to develop secure code. SecureObjects, integrated into the developer’s Visual Studio .NET environment, makes the development of secure software from the beginning possible and effectively incorporates security throughout the development process.”

SecureObjects is different because it analyzes application software code from the developers’ perspective – inside out to pinpoint security vulnerabilities in the application. Instead of providing developers with a long list of issues to fix as many security products do, SecureObjects targets input-driven security defects and quickly guides developers through the repair of insecure code while applications are being developed by inserting pre-built securely coded objects.

SecureObjects 1.5 benefits include:

·Tight integration with Visual Studio ..NET – SecureObjects is tightly integrated with Microsoft Visual Studio ..NET 2003, allowing developers to analyze applications and code securely without leaving their development environment.

·Quickly and Easily Harden Applications Against Attack – SecureObjects’ secure component library enables a developer to write secure code from the beginning and harden applications against attack. These code libraries provide developers with secure code that can correct input-driven security vulnerabilities, enhance application security logging, control how Web applications respond to attacks and prevent and detect high risk attacks like: SQL injection, Cross Site Scripting (XSS), Buffer Overflows, Directory Transversal, and Forceful Browsing.

·Targeted Vulnerability Identification – SecureObjects analyzes the code for input-driven weaknesses and reviews configuration files for insecure settings. The analysis yields clear and concise results that quickly guide developers to what needs to be fixed.

·Developer Control – Developers remain in control of their code with SecureObjects. Developers have the option to automatically correct their code using the secure component library or use advice and examples to correct it themselves. In addition, SecureObjects maintains an audit trail of defects and fixes with the capability to undo any applied changes.

·Integration with SPI Dynamics DevInspectâ„? – SecureObjects is integrated with DevInspect which finds Web application security vulnerabilities from a hacker’s perspective through detailed analysis of the application. This combination offers developers the only find and fix solution available today.

SPI Dynamics’ integrated suite of products addresses Web application security throughout all phases of the application lifecycle – from development to quality assurance to security operations and audit – providing the security expertise needed to develop secure applications on time and in compliance with internal best practices and external regulations. This expertise helps organizations streamline security assurance by offering an automated security testing process for each group within their existing work environments, such as Microsoft Visual Studio .NET.

Availability and Pricing
SPI Dynamics SecureObjects 1.5 is available now. For information on SecureObjects pricing, please contact SPI Dynamics at (678) 781-4800 or info@spidynamics.com.

About S.P.I. Dynamics Incorporated
Start Secure. Stay Secure.
Security Assurance Throughout the Application Lifecycle

SPI Dynamics’ suite of Web application security products help organizations build and maintain secure Web applications, preventing attacks that would otherwise go undetected by today’s traditional corporate Internet security measures. The company’s products enable all phases of the software development lifecycle to collaborate in order to build, test and deploy secure Web applications. SPI Dynamics’ internal research and development group, SPI Labs, is widely recognized as one of the leading authorities in Web application security. Founded in 2000 by security specialists, SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information, visit www.spidynamics.com or call (678) 781-4800.