| Customers: Open code Samara; Information technologies Contractors: Positive Technologies Product: PT Application Inspector (PT AI)Project date: 2019/05 - 2019/10
|
2019: Implementation of PT Application Inspector
The analyzer of security of the PT Application Inspector applications of Positive Technologies company allowed specialists of Open code company to book fast audit of the code and to receive the most complete and exact results and also to accelerate elimination of the found errors thanks to detailed recommendations. On November 13, 2019 the Positive Technologies company reported about it.
Annually the Open code company develops and supports tens of applications and also improves already implemented systems. One of requirements of customers — a guarantee that ready applications do not contain vulnerabilities.
 | Whatever high was qualification of developers, there is always a risk that in the application there can be critically dangerous vulnerabilities which operation will allow malefactors to carry out the different attacks, and result can become failure in service or theft of personal data. Besides, the number of the purposeful attacks grows, and even small vulnerability can become a part of the multi-stage circuit of penetration. In the second quarter 2019 malefactors operated web vulnerabilities in 18% of the attacks to legal entities. For example, Forbes, Puma and a set of online stores underwent the attacks using the harmful scripts directed to theft of these payment cards, notes Anton Alexandrov, the head of business development of security of the Positive Technologies applications
|  |
In view of these threats, department of information security of Open code decided to strengthen control of security of products at all stages of their creation. There was a need to automate verification of the code and to implement it in development process of software. At the same time the implemented tool had to be equally convenient to both developers, and security experts.
In further plans — scaling of the solution and integration of PT Application Inspector into development process of software of the company within the concept of safe development (SDL).
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |