Validation Services Overview
Application Security
Web application security assessments and training.
Building a new web application? Is it secure?
Do your developers have application security training?
Most network layer protection (firewall, SSL, IDS, etc.) is not application aware and cannot detect application based attacks. Web application development should be based on secure application development methodology that considers input validation, authentication, cryptography, audit logging, and parameter manipulation.
Use NCI's security experts as an extension of your development team:
-
Application Security Assessments
- A thorough review of the application from both a technical and non-technical perspective, an Application Security Assessment reports on vulnerabilities and development processes for secure applications.
-
Payment Application (PA-DSS) Validation
- NCI's PA-QSA (Payment Application, Qualified Security Assessors will perform Gap Analysis or Validate your commercial payment application based on the PA-DSS (Payment Application, Data Security Standard).
-
Application Security Coaching
- NCI becomes an extension of your team to provide architectural input, code review, and as required training for your web development team.
-
Application Security Training
- Our one day application security training course goes a long way to making your development team aware of application security methodology and concepts.
