
“Security and compliance requires specialized expertise, and it makes more sense to outsource that so my staff can stay focused on the core business objectives.... Counterpane can survey all the potential threats worldwide. They can provide a much wider, more current view of the threats. That's something we can't do as efficiently, given our current staff levels.”

- John Lambeth, CISSP, CISA
Vice President, Information Technology
Blackboard Inc.

Services

Application Security Assessment

Your organization invests in web applications to provide customers and business partners access to more information than ever before. With best practice security policy, proper configurations, and vigilant monitoring, the firewalls, intrusion detection systems, and other traditional security controls can protect your information infrastructure, but they may not be adequate to protect your business's most critical information that resides in those web applications. Web-based applications can provide high returns for a business, but without appropriate security they can expose the organization to risk.

BT's Comprehensive Application Security Assessment is an application risk assessment and management program that provides your organization with the tools and knowledge necessary to deploy and maintain secure applications. The program is based on the BT Application Security Assessment Methodology, which works with your organization to ensure ongoing operational security for your web applications.

The methodology is delivered in 3 Phases:

Application Security Assessment

Annual Application Security Assessment

First, BT will conduct a thorough risk assessment of the target application by analyzing the application using a variety of test methods. This phase of the assessment includes platform security testing, functional application security testing, application architecture review, process and procedure review, source code analysis, and functional security assessments from both an internal and external perspective. The results of the assessment are used to produce a root cause analysis, which helps your organization understand the cause of the risks discovered in your application. The deliverable produced after this phase of the assessment highlights and prioritizes weaknesses in your application security posture and provides recommendations necessary to secure your applications.

Gap Assessment

Once an organization has begun the remediation process and addressed findings discovered in the Application Security Assessment, BT will retest specific findings to ensure that your organization's mitigation efforts are effective at reducing or eliminating risk. This phase is designed as a validation step to measure the efficacy of changes and fixes to the application.

Quarterly Assessment (On-Demand Assessment)

BT will re-assess the application security posture quarterly (or on-demand as needed) after an organization has modified core application functionality, added new features, or when new threats against web applications are discovered. The Quarterly Assessment, which includes components such as functional security testing and platform security testing, is designed as a cost-effective assessment solution to test only those components of the application that change frequently. Other components of the Annual assessment can be revisited during the quarterly test to validate that changes made to the process and procedure, architecture, or source code are effective at mitigating risk.

Next Steps

Contact BT's Professional Services group at ps@counterpane.com or 888.710.8175. We will assemble a Statement of Work with full scope and pricing detail, customized to your specific project.

 

©2008 BT