Our Innovative Solutions | LEARN MORE  

Innovative Solutions
You have an old version of Adobe's Flash Player. Get the latest Flash player.
about usour solutionsour clientsour peopleour partnerscase studiesnews
BlueModus Provides Expert Information Technology Solutions and Support for Business

Suite of Security Services

E-commerce has become the lifeblood of many organizations, and ensuring the security of web-facing applications is essential. BlueModus is skilled in application security assessment, and we are uniquely able to help our clients eliminate web application security problems. BlueModus partners with best-of-industry application security technology vendors, including Rapid7 and Fortify Software.

BlueModus helps financial firms and retailers comply with the applications security provisions of GLBA/FFIEC, and PCI DSS. BlueModus partners with a leading compliance and security audit and assessment firm, Coalfire Systems, to ensure that our clients are in compliance with relevant regulations.

Like many security consulting organizations, Blue Modus can help companies identify web application security problems. Unlike most such organizations, BlueModus is also uniquely capable of remediating security problems through custom application development and through the use of our secure Internet infrastructure. Our services include:

BLUE MODUS SECURITY ASSESSMENT SERVICES

BlueModus focuses on application security services, and we also provide a full suite of security assessment services for our clients including network scans, network security assessments, and penetration tests.

APPLICATION & NETWORK SECURITY ASSESSMENT SERVICES

Ensuring that vulnerabilities in web-facing applications are identified and resolved, requires an expert understanding of web application development, coding techniques, database architecture, and web application network configurations. BlueModus brings these capabilities and state-of-the-art tools to bear on our clients’ web applications, ensuring that vulnerabilities in critical applications are quickly identified. Specific BlueModus services in this area include:

APPLICATION SCANNING

BlueModus application scanning services employ the Rapid7 NeXpose web application scanning tool, coupled with expert assessment of the results, to identify a wide range of vulnerabilities in web applications.

APPLICATION CODE REVIEW

The BlueModus code review services include static analysis, dynamic analysis, and real-time monitoring and protection. These services utilize the Fortify Software’s Fortify360 product to detect vulnerabilities in source code during or after development, during QA testing, and in live applications.

APPLICATION REMEDIATION SERVICES

As a software development organization with vast experience in developing secure applications, BlueModus is uniquely capable of helping companies fix problems found in application assessments. Our developers understand how to build secure web applications that are not susceptible to cross site scripting, cross site request forgery, SQL injection attacks, and other common web application attacks, and they can assist our clients in hardening and securing their web applications.

SECURE INFRASTRUCTURE SERVICES

As a provider of Internet infrastructure and web application hosting services, BlueModus offers some attractive alternatives to building out a robust and secure application infrastructure. Our managed services Internet infrastructure greatly enhances web application security, and can enable our clients to more easily comply with regulations, including PCI DSS requirement 6.6. These application security assessment services may be customized to address your specific needs.

NETWORK SECURITY ASSESSMENT & PENETRATION TESTS

BlueModus also provides network security assessments, and network penetration tests for our clients. For web application scanning, BlueModus leverages NeXpose and other scanning technologies, which go beyond simple web scanners, to find vulnerabilities in client-side applications, including Web 2.0 AJAX, Javascript, and Flash code. BlueModus also uses the Fortify 360 product from Fortify Software, which provides assessment and analysis throughout the software development and deployment lifecycle. The Fortify 360 product provides static analysis (source code analysis), dynamic analysis (program tracing), and real-time monitoring and protection (real-time analysis).

SECURE DEVELOPMENT LIFECYCLE

BlueModus employs the Microsoft Secure Development Lifecycle in our application development practice, and we strive to help our clients to embrace this rigorous approach to the development of secure applications. We are also members of the Open Web Application Security Project, an international organization devoted to the development of secure web applications.

© 2010 BlueModus. All Rights Reserved. | Terms of Use | Privacy Policy | Legal Notices | Contact Us | Careers | SafeHarbor