Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

ATCORP RELEASES CSAS – SECURITY SOFTWARE FOR APPLICATIONS IN THE CLOUD

ATCORP RELEASES CSAS - SECURITY SOFTWARE FOR APPLICATIONS IN THE CLOUD

As government and private sector applications move to “the cloud,” system analysts have few ways of measuring their exposure to known and unknown security risks. ATCorp has announced the availability of CSAS, a software tool that helps software developers and analysts discover actual vulnerabilities and configuration problems in their systems. It allows analysts to evaluate the overall risks those vulnerabilities pose in their specific applications, and mitigate those risks as warranted.

CSAS‘s approach applies to multiple applications:

  • Cloud application security analysis
  • Track system requirements
  • Software testing and validation
  • Impact/fault tree analysis to relate possible modes of attack
  • Attack reconstruction
  • Tracking of software vulnerability in complex applications

Key Ingredients

Unlike competing assessment systems, CSAS provides a framework for mapping high-level security concerns, such as the protection of sensitive data. CSAS‘s models also help compute metrics such as minimum remediation cost or attack complexity.

CSAS integrates into existing workflows by employing standards such as the U.S. National Institute of Standards and Technology (NIST) Security Content Automation Protocol (SCAP) and tools such as the NIST National Vulnerability Database (NVD). CSAS‘s tools can query Amazon Web Services (AWS) and OpenStack cloud configurations, as well as examine configuration data on individual cloud machine instances and external databases.

CSAS provides a number of benefits including:

  • Provides more thorough & repeatable analysis, through a structured, hierarchical framework for security models
  • Saves time: performs on-line tests to determine which modeled vulnerabilities are actually present
  • Improves and extends existing host-based security analysis techniques to the cloud and distributed systems
  • Saves labor, pinpoints problems faster; automates routine compliance testing to ensure risks have not been introduced due to configuration changes by the cloud provider or newly-discovered software vulnerabilities
  • Improves system designs: assists with design tradeoffs
  • Improves analytics: computes other tree-derived metrics, such as costs, impact, requirement analysis, or compliance

CSAS is available as a standalone graphical application for security analysts, a command-line edition for automated processing, and a version aimed at software developers that integrates with the Eclipse development environment.

snap

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post