Financial Firm Reinforces Apps
Capital IQ uses software from NT Objectives to secure complex applications 20% faster than before and reduce worker hours
Applications at Capital IQ, a financial-information division of Standard & Poor's, are tightly integrated across disparate operating systems, connecting business processes in order to provide the best advice to corporate clients. "App security was always a tough thing to get a handle on," says Ken Pfeil, chief security officer at Capital IQ.
After trying other products, Pfeil recently got an early version of security software that seems to do many tasks that previous products couldn't. NT Objectives Inc. last week unleashed its NTOSpider software for automated application-vulnerability assessment. "Other products weren't cutting it for our complex apps," Pfeil says.
Automated app-vulnerability software let Capital IQ cut worker hours, Pfeil says. |
NT Objectives includes services with every sale of NTOSpider, as needed, such as education, guidance, and security-process development. NTOSpider includes automated interaction between servers and multiple desktop systems, leading to authentication of an entire LAN. An internal methodology helps ensure the most accurate data while guaranteeing security. Ultimately, NTOSpider could help cut the time it takes to clear apps for deployment.
In the case of Capital IQ, "we're securing the application about 20% faster than we have in the past, and this has cut approximately 20 man hours on a biweekly basis for code-review testing," Pfeil says. In other words, NT Objectives has reduced Pfeil's total worker hours by a third.
Pfeil also credits NTOSpider, compared with the competition, with finding missed vulnerabilities, letting users open multiple reports at the same time and reuse templates, and organizing data for management to read.
Too many customers update their application infrastructures with no idea how upgrades, new components, and off-the-shelf products contribute to complexity, says Peter Lindstrom, an analyst at security market-research firm Spire Security. "And that breeds insecurity," he says. NTOSpider helps customers build resource maps of all the components added to an application, he says, which helps them design the app infrastructure from a security perspective.
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022