Press Releases

SECURITY INNOVATION LAUNCHES THE “SI TESTED” PROGRAM

Validates Customers’ Security Practices; Enables a Competitive Advantage and Trust in Software

Wilmington, MA - August 12, 2008 - Security Innovation (www.securityinnovation.com), the authority in secure software lifecycle management and leading provider of secure software development and software risk solutions, today announced its “SI Tested” program (http://tested.securityinnovation.com). This new program offers a means of validating a company’s security testing efforts in the absence of either industry and/or internal company standards for software security. This validation allows companies whose software programs undergo Security Innovation’s security testing to display the “SI Tested” logo on their web sites, marketing collateral and other appropriate software packaging. The logo demonstrates how essential software security is to them, their customers, prospects and partners.

"Security is a priority for SupportSoft and our customers. Demonstrating a continuing commitment to security is a business necessity,” said Cadir Lee, CTO of SupportSoft. “We selected the ‘SI Tested’ logo program as a means to validate our efforts for software security. Third-party certification gives our customers confidence that our software security has undergone rigorous review."

The “SI Tested” program is currently available to all companies wishing to establish stringent security standards practices and instill customers with confidence in their products and practices. By proactively demonstrating their commitment and accountability to these security best practices through an independent third-party, organizations that bear the “SI Tested” logo differentiate themselves and gain a valuable marketing asset.

In order to display the logo, Security Innovation must evaluate a company's software. The software must be subjected to a rigorous security testing process that identifies high-severity vulnerabilities. The testing process ensures that critical vulnerabilities are found, and customers are encouraged to repair these vulnerabilities prior to release, in order to protect customers and the security of their data.

Additionally, the program can be customized to facilitate compliance to industry-published lists and guidelines from organizations such as OWASP, WASC and SANS, as well as to internal corporate standards. Companies will receive a report detailing the results of the assessment and can post the results publicly if they wish.

This hands-on methodology, developed by Security Innovation and used in these evaluations, has been adopted by universities and organizations across all industries, and offers a more in-depth approach than that taken by remote security scanning tools.

"The security industry needs common and reliable metrics through which to assess software security. As companies become increasingly aware of high-profile security threats, they insist on doing business with vendors that can prove their obligation to security," said Ed Adams, President and CEO of Security Innovation. "Businesses today should not fear security, but instead view it as a differentiator and business enabler. By offering a clear-cut means for companies to evaluate and promote their security practices, Security Innovation is positioning security as a critical component of good business."