TeamMentor™ - Guidance for Secure Application Development
|
Improving the software development process has cost benefits and industry regulations are requiring proof of steps taken to secure sensitive information. With TeamMentor, developers can improve application security while remaining competitive in meeting business/regulatory requirements |
| Charles Kolodgy, Research Director, IDC | |
|
|
||
|
TeamMentor™, the industry’s first Web-based software security learning and knowledge management system, provides each development team member complete SECURITY GUIDANCE up front and as they code. It is ideal for: |
||
|
novice development teams in need of secure development and testing principles and guidelines | |
|
|
advanced development teams that need quick access to accurate code snippets, test attacks and other critical guidance assets | |
|
|
development managers seeking the consistent construction of secure application | |
|
|
corporate security teams that need to meet PCI requirement 6.5 (document use of secure coding best practices) | |
TRY
ITLeverage our Expertise for Secure Development
Even with the best of intentions, most secure application development efforts fail due to time, level of effort and quality issues — but it generally falls down to inadequate guidance. The web and IDE help systems provide nominal implementation help to developers but inaccurate and incomplete information often lead to insecure development efforts. TeamMentor is a centralized and broadly available collection of secure development assets including:
|
|
Guidelines, Checklists |
|
Principles |
|
|
How To's |
|
Attack/Vulnerability Descriptions |
|
|
Requirements |
|
Code Snippets and Examples |
|
|
Techniques |
|
Test Cases |
|
|
Design Patterns/Antipatterns |
|
e-Learning modules |
|
Technical
TeamMentor™ supports key development technology silos including C#/ASP.NET, Java/Web and AMP (Apache, MySQL, PHP/Perl/Python). For each environment, TeamMentor delivers its assets to developers through a rich AJAX based browser interface. Other technical specifications:
|
|
Microsoft SQL Server 2005 back end |
|
|
Delivery and authoring engines are written in C# |
|
|
Browser interface is written in AJAX and supports IE6/IE7 |
|
|
Requirements: Microsoft SQL Server 2005 with 5GB available space & AJAX capable browser |
