About Aspect

Our simple vision is a world without software vulnerabilities. We recognize that achieving this vision is going to require a paradigm shift in software development training, engineering, testing, and even use. We know that it will be many years before this vision is achieved. Yet we are convinced that the goal is one worth striving for.

Aspect is a collection of highly trustworthy engineers who are expert in both software development and security. We pride ourselves on being able to work with software development teams and achieve results in a cost-effective manner. We are highly practical in our approach to security and always ground our analysis in our customers' business needs.

Aspect can meet your application security needs because it's our specialty, we are leaders in the community, and we've been doing it for a long time.

Specialization

Aspect focuses exclusively on application security services. Aspect delivers third-party security analysis, code review, and application testing to verify the strengths and weaknesses of our clients’ web applications, web services, and other software applications. In addition, Aspect appraises organizations' ability to develop, operate, audit, and maintain secure applications and develops tailored programs to increase these organizations' application security capability.

Aspect has verified hundreds of millions of lines of code for mission-critical applications written in languages such as Java, JSP, C, C++, C#, ASP, VB, VB.NET, ABAP, PHP, Dynamo, Cold Fusion, and Perl in environments including Java, J2EE, .NET, SAP, Oracle, PeopleSoft, and Struts. Through our hands-on courses, we have trained thousands of developers and managers to build and test secure applications.

Aspect’s staff is a unique blend of developers, software architects, security engineers, and process improvement designers. Many of our staff have CISSP, CISM, and GSEC certifications as well as US Government security clearances.


Leadership

Aspect is a member of OWASP (The Open Web Application Security Project) and staff members of Aspect served as the authors of the OWASP Top Ten Web Application Security Vulnerabilities. Aspect works with many government teams focused on application security, and championed the inclusion of application security into FISMA (NIST SP 800-53).

Aspect's engineers have been focused on integrating security into the software development lifecycle for over a decade. Several of our staff led the development of the Systems Security Engineering Capability Maturity Model (SSE-CMM), now known as ISO 21827. The principles from this standard are the basis for all the popular approaches to application security process improvement.

Longevity


Aspect’s core team has been providing application security services since 1994, well before application security was a mainstream issue. For many years before that, our team members were involved in research and development, product development and production, system integration and delivery, and service provisioning and delivery in the areas of computer, communications, and network security as well as complex and real-time software development, testing, and correction for both commercial and government customers.