Parasoft, a leading provider of solutions that deliver quality throughout the software development lifecycle (SDLC), has announced the availability of enhanced data flow analysis capabilities that help organizations rapidly identify high-risk runtime security vulnerabilities as well as monitor security policy compliance.

This capability is available in Parasoft's Application Security Solution, which establishes a continuous process that ensures security verification and remediation tasks are not only deployed across every stage of the SDLC, but also ingrained into workflow.

Parasoft's Application Security Solution expands traditional data flow analysis from software quality to application security. This server-based technology statically simulates complex application execution paths to help teams effortlessly find vulnerabilities that might otherwise take weeks to find-or remain unnoticed until exploited. Vulnerabilities detected include SQL injection, cross-site scripting, exposure of sensitive data, and other potential issues.

Since tests are performed completely automatically (there are no test cases to design, implement, execute, or maintain), teams significantly increase the scope of their security testing without slowing project progress. The latest enhancements not only draw upon an extensive knowledge base of common attack patterns, but also enable organizations to map the data flow logic to their own security policy. The result is realistic and accurate validation that is closely aligned with the team's security priorities.

"Security should be an integral part of the SDLC, not an afterthought, "said Neil MacDonald, vice president and Gartner Fellow. "The notion of application ‘quality' which has traditionally focused on functionality and performance must be expanded to include security. Native integration of security testing capabilities into the SDLC environment will increase the likelihood of acceptance by the development organization."

With Parasoft's 20 years of experience helping Fortune 500 companies incorporating security and quality practices across the SDLC, Parasoft knows what it takes to make them practical and sustainable. Parasoft solutions have supported application security verification for years through rule-based static analysis, data flow static analysis, security metrics, and peer code review process automation. In order to ensure development teams that these practices improve rather than impact productivity, Parasoft solutions establish and drive a daily process that automatically monitors policy compliance at all layers of the application stack, identifies vulnerabilities, and collects process metrics. Development teams can secure code by simply responding to the reported tasks and management gains real-time visibility into overall security status and processes.

For more information about Parasoft Application Security Solution, visit www.parasoft.com/parasoft_security.

About Parasoft Corporation

For 20 years, Parasoft (http://www.parasoft.com) investigated how and why software errors are introduced into applications. Its solutions leverage this research to deliver quality as a continuous process throughout the SDLC. This promotes strong code foundations, solid functional components, and robust business processes. Whether someone is delivering service-oriented architectures (SOA), evolving legacy systems, or improving quality processes, they can draw upon Parasoft's expertise and award-winning products to increase productivity and the quality of developed business applications.