SPIguard Certification : SPIguard Inc

By: Spiguard Security Solutions  09-12-2011
Keywords: Security Consultants, Penetration Test

Industry and Regulatory Agencies are increasingly requiring businesses to meet published security standards. It is important for businesses, and their clients, to know that their applications are secure. While you can conduct a penetration test of your applications, that alone cannot provide an assurance that they are secure. The only way to actually ensure security is to have a good application development and deployment program.

Defining what a good secure application development and deployment is can be subjective. SPIguard has taken its experience performing penetration tests and compliance assessments and come up with a certification service that ensures consistency and accuracy across platforms and architectures.

SPIguard Certified TM Service

The SPIguard CertifiedTM service verifies that your applications have been thoroughly tested and that you also have a secure application development methodology. Our expert security consultants will review your development and deployment processes to ensure that they meet certification requirements. We will then test your applications and the deployed environment to identify any potential weaknesses. We will also work with you to address gaps/weaknesses and suggest solutions. Once all the requirements are met, SPIguard will issue a certificate.

Who Is This For?

SPIguard certification is ideal for applications that handle sensitive data, but do not fall under any other certification requirements such as PA-DSS. This is also for organizations that need an assurance or need to show their clients that their applications are secure.

Certification Process

SPIguard has a very thorough methodology that follows industry standard practices. We have created detailed checklists on what to look for and how to verify that applications meet requirements.

  • Evaluate operations to determine areas in scope for certification
  • Identify and classify sensitive data and areas
  • Compare policies and procedures against industry standards
  • Identify gaps and weaknesses
  • Provide report on gaps and recommend steps for remediation
  • Verify implemented practices against documented policies and procedures
  • Test applications and network for vulnerabilities
  • Provide report on gaps and vulnerabilities
  • Recommend and prioritize remediation activities
  • Test applications and network to verify remediation
  • Recommend and prioritize remediation activities
  • Archive artifacts obtained during the certification
  • Provide certificate

What Does It Mean

Having the SPIguard Certified TM certification shows to your clients and business partners that you have done your due diligence to make and keep your applications secure. It shows that you have secure application development and deployment processes.

Keywords: Penetration Test, Security Consultants

Contact Spiguard Security Solutions

Email

Print this page

Other products and services from Spiguard Security Solutions

09-12-2011

Network Security : SPIguard Inc

We review your network diagrams, determine which IP ranges are in-scope for the penetration test, provide an overview of our testing process, and discuss any special testing requirements. The report will detail all vulnerabilities uncovered during the testing process along with severity levels and recommendations for how to remediate each vulnerability that was identified.


09-12-2011

Security Services : SPIguard Inc

Hackers might be able to exploit misconfigurations of your network components or platform weaknesses to gain access to your network and steal your data. This where you most precious asset – data, trade secrets, etc – are stored. It is in your best interests to protect your infrastructure and network.


09-12-2011

Web Application Security : SPIguard Inc

The report will detail all vulnerabilities uncovered during the testing process along with severity levels and recommendations for how to remediate each vulnerability that was identified. We offer penetration testing and vulnerability assessment services that will uncover any vulnerabilities, allowing you to fix them before hackers find and exploit them.