Software Security

As the business criticality of software grows, ensuring that your company's software and confidential data are protected and secure becomes increasingly important. Cigital assists companies big and small to meet this challenge by providing consulting services across the entire spectrum of software security. Whether you need application or architecture assessments, penetration testing, up-to-date coding standards or help with tools selection and implementation... we can help.

Cigital provides independent, unbiased advice on software security across the enterprise. We are recognized experts who apply a combination of proven methodologies, tools, and best practices to meet each client's unique requirements.

A one-stop shop for software security — Cigital's Service offerings span all software security activities including:

Static Code Review (Static)

  • Source Code Scanning
  • Customized source code reviews
  • Code coverage tools in conjunction with dynamic analysis
  • Vulnerability detection in coding phase
  • COTS/Open Source product review
  • Binary Code Scanning

Application Pen Testing (Dynamic)

  • Web Application scanning
  • Database Server scanning
  • Web Server & Application platform scanning
  • Vulnerability detection in test/QA and operations

Architectural Risk Analysis (Architecture)

  • Threat Modeling
  • Attack vectors
  • Threats
  • Trust zones
  • Ambiguity analysis
  • Gap analysis
  • Vulnerability prevention & correction in analysis and design phases

Vulnerability Remediation

  • Activities aimed directly at repairing previously discovered weaknesses in software, technology, and processes

Coding Standards

  • Definition, customization and documentation of industry and corporate security-related standards and best practices

Security Assurance Tools

  • Implementation of, or improvements of, any SDLC, data, or network security tools anywhere in the enterprise to provide a "one-stop shop" solution

In addition to our software security offerings, we have specific solutions and expertise in online gaming. More information can be found here:

For additional information on our services, read our Software Security offerings [PDF]. Also see more on our recently released Building Security In Maturity Model [PDF] and find out how your company can be added to the model!

Contact us today at 800-824-0022 or e-mail us.