Assurance of Applications Security for a Global Telecom Giant
Leveraging our leadership position in securing mission-critical enterprise applications from external threats, we are working closely with one of the largest telecom companies in the world to secure and fortify its mission-critical applications against a wide range of vulnerabilities and cyber threats.
Our client’s needs related to establishing a center-of-competency within a key business group to assess and assure adherence to applications security best-practices across various SDLC stages, as follows:Our client’s needs related to establishing a center-of-competency within a key business group to assess and assure adherence to applications security best-practices across various SDLC stages, as follows:
1) Establish application security review processes for a major business unit and conduct security reviews for a number of business applications using such established process.
2) Deploy and operationalize an infrastructure for application scanning, using third party tools and manual penetration tests, to determine application security vulnerabilities.
3) Create security process documentation and related informational documentation.
HOW INFOVISION HELPED
InfoVision deployed a team of experts from our Enterprise Applications Security practice group at our client facility. Team credentials included specialized expertise and industry certifications in enterprise applications assessment and assurance areas. Working closely with members of our client’s own IT and business groups, InfoVision set up the required infrastructure and processes. Deliverables are:
1) Establishment of an application security review process
2) Conducting of security reviews for all new business applications using the established process.
3) Deployment of security scanning infrastructure using several tools, among them SPI Dynamics.
4) Establishment of Operational capabilities for scanning infrastructure, educated and guided project development teams on security best-practices for use throughout the SDLC.
5) Creation of security process documentation and information documentation.
(a) Increased client’s confidence in its key web applications
(b)Enhanced customer trust
(c) Created applications where security was baked-in, not bolted-on, and also
(d)Reduced overall costs of security related rework