TeamMentor: Secure software development knowledge base
Security Innovation released TeamMentor 3.2, a SaaS product that provides guidance to help security and development teams create secure software out of the box, along with support for industry best practices, coding and architectural standards.
It helps teams ease compliance to internal security policies, allowing for the creation and customization of security best practices and standards – and it reduces overall application risk.
TeamMentor v3.2 is also a Visual Studio 2010 plugin that integrates static analysis results with TeamMentor’s prescriptive security guidance – providing comprehensive remediation capabilities for Security and Development teams looking to expand the value and impact of static analysis solutions and fix code vulnerabilities, based on specific coding problems and patterns to permanently eliminate those problems in your code moving forward.
The tool also features content updates including new mobile application security libraries for both iOS and Android – the first comprehensive guidance set for implementing application security controls for both platforms.
In addition to the newly added CWE/SANS Top 25 most common code vulnerabilities, TeamMentor now features added functionality so that teams can hyper-link filtered results to quickly send and consume the guidance content.
“For organizations using static analysis tools, the results can often be overwhelming in terms of prioritization and remediation,” said Wendy Nather, Research Director, 451 Group. “As Security and Development teams progress in collaborating to ensure that software is delivered securely, they’ve needed a just-in-time ‘pull’ model, where people can look up the information they need right when they need it. In turn it becomes more effective to run results against prescriptive guidance in a central location so you can start to reduce software vulnerabilities.”
“We are excited to deliver the latest build of TeamMentor because it satisfies the vision we have of enabling organizations to leverage existing tools to solve the persistent problem of fixing vulnerabilities as opposed to just knowing they exist,” said Jason Taylor, Chief Technology Officer, Security Innovation. “Now, developers can stay within their environment while scanning software code and remediate what they find in one step. TeamMentor offers a comprehensive solution that helps build security into software without inhibiting revenue-generating projects.”
TeamMentor’s out-of-the-box guidance assets are experience-based, leveraging the company’s decade of security analysis and research. The content is developed by Security Innovation’s foremost security experts and is peer-reviewed. Updates are delivered quarterly so development and security teams have the most recent and relevant information on known and new software vulnerabilities.