TeamMentor™ - Guidance for Secure Application Development
 |
Improving the software development process has cost benefits and industry regulations are requiring proof of steps taken to secure sensitive information. With TeamMentor, developers can improve application security while remaining competitive in meeting business/regulatory requirements |
| Charles Kolodgy, Research Director, IDC | |
Just-in-Time and Accurate Guidance
Security Innovation has guided software development teams through the process of developing secure applications for years. This experience allows our engineers to recognize the problems that software development teams typically encounter and drive the behaviors they need to adopt in order to succeed. TeamMentor™, the industry’s first Web-based application security learning and knowledge management system, encapsulates this cumulative know-how and experience. In a wiki-like format, TeamMentor™ provides each development team member complete SECURITY GUIDANCE up front and as they code - in a way that can be leveraged immediately and repeatedly. It is ideal for:
 |
novice development teams in need of secure development and testing principles | |
|
|
advanced development teams that need quick access to accurate code snippets & test attacks | |
|
|
development managers seeking the consistent construction of secure applications | |
|
|
corporate security teams that need to implement and document the use of best practices for audits and compliance | |
 |
Leverage our Expertise for Secure Development
Even with the best of intentions, most secure application development efforts fail due to time, level of effort and quality issues — but it generally falls down to inadequate guidance. The web and IDE help systems provide nominal implementation help to developers but inaccurate and incomplete information often lead to insecure development efforts. TeamMentor is a centralized and broadly available collection of secure development assets including:
|
|
Guidelines, Checklists |
|
Principles |
|
|
How To's |
|
Attack/Vulnerability Descriptions |
|
|
Requirements |
|
Code Snippets and Examples |
|
|
Techniques |
|
Test Cases |
|
|
Design Patterns/Antipatterns |
|
e-Learning modules |
Technical
TeamMentor™ supports key development technology silos including C#/ASP.NET, Java/Web and AMP (Apache, MySQL, PHP/Perl/Python). For each environment, TeamMentor delivers its assets to developers through a rich AJAX based browser interface. Other technical specifications:
|
|
Microsoft SQL Server 2005 back end |
|
|
Delivery and authoring engines are written in C# |
|
|
Browser interface is written in AJAX and supports IE6/IE7 |
|
|
Requirements: Microsoft SQL Server 2005 with 5GB available space & AJAX capable browser |
