OpenSky Granted Provisional Patent to Improve Application Security -- Patented Approach Calculates Application Risks More Accurately Than Any Other Method
OpenSky Corporation, an IT consulting firm focused on transformational IT infrastructure, and compliance, has been granted a provisional patent by the US Patent Office for an innovative method to accurately calculate perceived versus real application risks. The patent number 61/901,906, entitled “Vulnerability Risk Evaluation for Computer Applications Under Development,” provides for a more accurate risk-based decision-making process than any other method available today.
Application assessment options today do not take into account the application attributes when computing risk. OpenSky’s patented method is unique in both approach and design. It goes beyond CVSS, CWE, and CAPEC to include key attributes and view of the application, including data classification, , cohesion, data type, complexity and coupling. The patent covers deployed applications as well as applications under development and will benefit a variety of industries, including healthcare, insurance, asset management, banking, education and technology manufacturing.
Mark Wireman, the patent’s founder and National Practice Lead for Application Security at OpenSky, has more than 12 years of experience in application development. He focuses on application security from a process and practice perspective within the Department of Defense, financial, and healthcare sectors.
“Companies expend a significant amount of time and money attempting to remediate inaccurately identified vulnerabilities,” said Wireman. “The patented method provides a more accurate assessment through a real risk perspective of the vulnerabilities by including the application’s view and context. This provides organizations with accurate information for prioritizing remediation expenditures and helps improve enterprise security by reducing risk in the most cost-effective manner.”
Application security has become a top IT concern for organizations. The surface of attacks targeting applications and data has expanded from web into and systems, making the rapid adoption of detection and concepts and technologies critical for all enterprises. The Open Web Application Security Project (OWASP) recommends that organizations establish an application security program to gain insight and improve security across their application portfolio.
“The threat landscape for application security constantly changes with attackers making advances, innovative technologies plagued with new weaknesses, and increasingly complex IT ecosystems,” said Roger Levasseur, President and CEO of OpenSky. “OpenSky will use the patented process to help our clients better manage risks associated with applications.”
OpenSky performs application security assessments in all phases of the Software Development Lifecycle (SDLC), from development and quality assurance through deployment, maintenance, and auditing of web and mobile applications. Its repeat, on-demand Security Assessments as a Service (SAaaS) plug into an organization’s IT risk management program and enable cost-effective management of risk in an organization’s own environment. SAaaS include application and mobile application security, merger and acquisition security and third-party evaluations.
About OpenSky Corporation
OpenSky Corporation provides information technology expertise to help corporations reduce IT costs, protect information assets and accelerate the adoption of strategic technologies. It specializes in transformational IT infrastructure, security and compliance consulting. OpenSky is a division of TÜV Rheinland, a $2B global leader in independent testing, inspection, and certification services.
OpenSky’s key differentiators include vendor independence, deep industry and technology expertise, and a holistic approach to transforming IT infrastructures. The company believes in aligning premier technology partnerships with vendor neutrality to help businesses across all industries leverage emerging technologies to achieve their strategic goals.
A recipient of multiple accolades, OpenSky was listed on 2012 Inc. 500 and 2013 Tech Elite 250 and holds multiple awards for growth from CRN and Marcum and numerous Top Workplace honors.
For more information about OpenSky, please visit www.openskycorp.com.
About TÜV Rheinland
Founded in 1872, TÜV Rheinland is a global leader in independent testing, inspection, and certification services, ensuring quality and safety for people, the environment and technology in nearly all aspects of life. The company maintains a presence in 500 locations spanning 65 countries, employs 18,000 people and has an annual revenue of $2.2 billion (€1.6 billion). TÜV Rheinland inspects technical equipment, products and services, oversees projects and helps to shape processes for a wide variety of companies through its worldwide network of approved labs, testing facilities and education centers. Since 2006, the company has been a member of the United Nations Global Compact to promote sustainability and combat corruption. For more information, visit www.tuv.com/us.