AsTech Consulting Introduces Legacy Application Security Evaluation and Remediation Program

SAN FRANCISCO, Sept. 28, 2016 /PRNewswire/ -- AsTech Consulting, a leading independent security consulting company, today announced the introduction of its ground-breaking Legacy Application Security Evaluation and Remediation (LASER) guided security improvement program. Combining automation and human engineering elements to vet results and discover more complicated security issues, LASER brings a deeper level of scrutiny and attention to detail to any software security enhancement process for large scale applications, which many experts agree present the greatest risk to doing business on the Internet.  

Jeremiah Grossman, a world renowned security expert and Founder of WhiteHat Security, says "On average, vulnerabilities in legacy Web applications are often left wide open to hackers for weeks, months, and even years in some cases. These un-remediated vulnerabilities represent one of the largest sources of risk in the industry as it's precisely how a huge number of companies get hacked." He adds, "With AsTech Consulting's LASER program, organizations are now able to continue driving their product roadmap without disruption by leveraging outside expertise to address long standing security issues."

While legacy applications continue to be a convenient way for companies to earn a solid return on their investment, they open up an array of impending threats. Oftentimes, companies choose to keep their existing legacy software because the implementation of a new system can be costly, and disruptive to productivity. However, many legacy applications were built in a different time – before many software vulnerabilities were well-understood, using outdated rules and guidelines. Even legacy vendor applications that have been patched or updated by the original manufacturer may have lost support over the years as the vendor moves on to newer products. With the assistance of a LASER guided security improvement process, companies can quickly and easily assess vulnerabilities in their software and execute a plan to secure them.

"LASER is first fully scalable, productized service focused exclusively on large legacy applications allowing companies to tailor the level of investigation they want focused on their application, and the type of help they need to address the vulnerabilities in the source code," said Greg Reber, CEO, AsTech Consulting. "LASER has been designed to complement any development team working toward a safer and more reliable software environment. LASER provides organizations of all sizes with a flexible and cost effective way to make the most of their legacy applications while making real progress in securing those applications. AsTech Consulting has developed this process and completed a number of pilot projects with companies on large applications containing thousands of vulnerabilities, resulting in measurable increases in the security of these applications."

Companies who employ a full time development staff for the purposes of creating and maintaining their software can use the information from the discovery phase, along with consultative help from AsTech Consulting's engineers, to begin securing the software themselves. Another option, companies who do not have the resources to handle the redevelopment can choose to outsource the remediation to the LASER team. In this case, AsTech Consulting's engineers will work on their own to create and test an enhanced version of the application, which can be re-introduced to the client's system in stages.

Organizations who complete a remediation plan with LASER can expect to save thousands of dollars on the development of a completely new software suite. By keeping the legacy application in place, companies can avoid disruptions in business while addressing security issues. Since LASER can be tailored to any budget or focus, organizations can easily take advantage of the benefits without fear that they are going to spend more than they would on developing a new application altogether, while making real progress in reducing risk. LASER will keep mission critical applications running smoothly (and securely) for years to come and provide peace of mind that there are no unknown threats lurking in the shadows.

"At AsTech Consulting, we have a proven track record of helping customers with effective vulnerability discovery methods, and both assisted and outsourced redevelopment," continued Reber. "Our software security engineers have an average of more than 10 years of experience in enterprise application development as well as extensive application security experience. If you're struggling with how to secure your legacy application, LASER is the solution to your problem."

About AsTech Consulting

AsTech Consulting is a leading information security/risk management firm dedicated to helping clients identify and manage risks affecting critical applications. Based in San Francisco, California, the organization helps mitigate risks by working with software development teams to achieve unprecedented levels of sustainable application security. As independent security specialists, AsTech Consulting employs experienced security professionals, more than half of which have over 15 years of relevant experience. For more information, please visit https://www.astechconsulting.com/ and follow the company on Twitter at @AsTech_infosec and on LinkedIn.

Media Contact:
John Kreuzer
[email protected]
(408) 896-3307

SOURCE AsTech Consulting

Related Links

http://www.astechconsulting.com