TeamMentor™ - Software Development Teams
The Problem| Development Teams face two major challenges with respect to secure software development: | |
| #1 Finding correct information for secure coding and testing/QA activities | |
| #2 Getting just the information needed when it’s needed | |
The Internet and various software development help systems provide some level of guidance to developers and testers as it pertains to secure development and QA, but the time involved can be extreme and the "answer" is usually varied, cryptic or wrong.
The Solution
TeamMentor provides expert knowledge, guidance, how-to’s, and samples
that can resolve both challenges listed above. In addition to having confidence
that things are implemented accurately, TeamMentor allows organizations to:
|
Establish a baseline secure coding practice for itself and/or it's outsourced development partner(s) |
|
|
Track the status of each project and measure against the standard development practices specified |
|
|
Better manage the efforts of large development teams that are separated geographically and/or departmentally that may not use the same processes or techniques |
|
|
Share, extend, and customize the secure coding and testing activities – and integrate them into an existing knowledgebase or workflow management system |
TRY
IT
Use Cases
Coding and Testing Guidance
With immediate access to accurate information, software teams are guided thorough
the process of implementing appropriate code and identifying security problems for
the environments they’re working in. Content for specific activities or technologies
can be found by filtering or searching; however, security novices can also be guided
for just-in-time learning. TeamMentor content includes high-level Principles and
Attack descriptions as well as Checklists, How To’s, and Samples that are
specific to the development language in use.
more>>
Methodology-based guidance
Each development methodology includes areas where security is important, though
they may not explicitly acknowledge it. This often leads to security not being addressed
in the application being developed. TeamMentor walks development teams through important
security aspects at each stage of the software development process and provides
appropriate assets to be consumed. The User can locate and use appropriate security
guidance within a specific methodology or seek specific guidance for surfacing security
issues as part of the chosen methodology.
more>>
Authoritative Sources
When developers are tasked with creating/implementing secure functionality that
they are not familiar with, they don’t always have and authoritative source
for guidance. This results in developers searching for answers in non-authoritative
or non-specific venues, which in turn may lead to improper and insecure implementation.
TeamMentor provides specific guidance for implementing functionality in a particular
environment securely with the level of detail needed for developers.
more>>
Customize for Continuous Learning
TeamMentor™ is a “learning” system capable of incorporating experience gained by the development team during the development process, and leveraging it in subsequent projects. Web 2.0 components such as collaboration, editorial comment and voting allow team members and larger user groups to discuss how specific guidance applies to their applications - and how to focus and extend it, and how valuable the asset is to their environment.
TeamMentor also provides an authoring capability so teams can make the content extensible by adding their own articles, samples, and experience to this continuously growing knowledge base of security best practices – making the TeamMentor knowledge base highly customized to your environment. Team managers can use this feedback and new content to grow and adapt TeamMentor to their specific environments, making it the most valuable single asset the team can own for security guidance.
 Evaluate |
Downloaddata sheet or reviewers guide |
Contact: +1.978.694.1008 x1 or Web form |
