	
	
		Requirements
		Design
		Implementation
		Verification
		Release
	

	
		Training
		Consulting
		Products	
		

Secure Implementation Solutions

Security Innovation offers multiple solutions at the Implementation phase including:

Code Review
CxDeveloper - next generation static analysis tooling
Computer-based and instructor-led training

Code Review
A Code Review discovers implementation-level vulnerabilities introduced during construction and recommends remediation for those coding errors. It provides an analysis of an existing codebase and locates code constructs that lead to security vulnerabilities. Our expert security team employs a combination of static analysis tools and “eyes on” manual review to uncover the highest number of flaws possible.
Code reviews may be executed against applications written in C, C++, C#, VB, VB.Net, and a myriad of web technologies including Ruby, PHP, AJAX, and Perl.

The result of a Code Review is a detailed report outlining code issues and suggested repairs for improved security. This allows the development team to better understand the problem areas of their code and prevent common logic errors and other mistakes in the future.

CxDeveloper: Security-Specific Static Analysis
Security Innovation leverages Checkmarx™ state-of-the-art static source code analysis tools to help automate the identification and remediation of potential security vulnerabilities in source code.
CxDeveloper is designed for integration with developer-focused tools and processes, leveraging the same powerful static analysis technology to quickly and accurately identify potential security vulnerabilities in code as it is being worked on. Integrations with Visual Studio allow audit, scanning and analysis activities to be executed from within the shell.

TeamMentor™ - secure coding guidance system
TeamMentor™ is a sophisticated application security guidance system that delivers the collected experience of Security Innovation engineering to development teams of all sizes. In Wiki-like format, it provides on-demand, task based collections of secure development knowledge, guidance and libraries to specific practitioners at the appropriate lifecycle phase - helping the entire team build more secure applications.

Training
Security Innovation offers the following instructor-led and computer-based training that give developers the skills they need to build more secure code:

Creating Secure Code - Learn secure coding best practices & reduce the susceptibility of your code to vulnerabilities
Creating Secure Code - C/C++ - Learn to find, fix and prevent vulnerabilities specific to C/C++
Creating Secure Code - ASP.NET - Learn secure coding practices specific to solutions built around ASP.NET

Financial Services Technology Retail Health Care Government Entertainment Private Equity

Vulnerability Analysis Training Software Security Risk

Overview TeamMentor eLearning Holodeck Checkmarx

About Us Newsroom Events Careers

Overview Authored Books Whitepapers Published Articles Webcasts Data Sheets 19 Software Attacks