Deliver Your News to the World

SPI Dynamics’ Application Development Lifecycle Security Solutions Achieve Ready for IBM Rational Software Validation


SPI Dynamics Supports Entire IBM Rational Software Development Lifecycle

ATLANTA – December 5, 2006 –S.P.I. Dynamics, Inc. announced today the company’s DevInspect® Web application developer security product has achieved Ready for IBM Rational software validation. DevInspect’s validation for integration to the IBM Rational Software Delivery Platform V7, desktop products, marks SPI Dynamics’ second application development lifecycle security solution to achieve this status. SPI Dynamics’ QAInspect® security testing product achieved validation earlier in the year.

In addition, the company has achieved IBM PartnerWorld Advanced partner status with its Web application security solutions. IBM’s Advanced level Business Partners have committed to maintaining a prosperous business relationship with IBM and are recognized and rewarded for that commitment.

“SPI Dynamics provides true lifecycle support for the IBM Rational Software Delivery Platform with the validated integrations of our DevInspect and QAInspect secure development lifecycle solutions. Our solutions provide the IBM Rational customer base with leading application security technologies,” said Brian Cohen, president and CEO, S.P.I. Dynamics, Inc. “Companies use Rational as a single, end-to-end solution vendor for software engineering teams. To date, we have licensed our entire application development lifecycle product line to some of IBM’s largest customers.”

IBM Rational provides an end-to-end lifecycle solution for application development through the Rational Software Delivery Platform. Their products impart best practices and best of breed technology at each phase of software development to solve the business problem. SPI Dynamics extends the Rational Software Development Platform in a critical area, application security testing during development and QA testing, bringing secure development to Rational customers.

Announced in November, DevInspect is tightly integrated with IBM Rational Application Developer (RAD) integrated developer environments (IDE) versions 6 and 7. DevInspect helps ensure that developers build secure Web applications, providing the developer with security testing as an integrated function within their existing IDE. DevInspect provides a unique combination of data from source code analysis and black box testing in a cooperative process called Hybrid Analysis™ - a unique capability architected into DevInspect’s security analysis. This cooperative application of black box and source code testing creates the most accurate and effective technique for writing highly secure source code.

DevInspect also integrates with IBM Rational’s ClearQuest platform so that development teams can easily manage and fix security defects that DevInspect identifies in their source code. SPI Dynamics’ QAInspect Web application security testing product has achieved integrations with IBM Rational ClearQuest and IBM Rational Functional Tester to help quality assurance professionals test for security defects alongside functional and performance defects.

Facilitating Lifecycle Collaboration and Secure Development
SPI Dynamics’ development lifecycle security solutions provide a powerful automated secure coding framework, and offer unique features for security analysis and vulnerability remediation of security defects. SPI Dynamics’ distinctive approach to secure application development delivers industry best practices and facilitates security assurance collaboration between security professionals, developers and quality assurance teams. Developers can run DevInspect’s Hybrid Analysis technology directly within Rational Application Developer, allowing any security defects that are discovered to be fixed immediately or managed through ClearQuest for another developer to fix. This also allows a QA professional to verify that the security defect has been corrected. QA professionals can run black box security tests with QAInspect where security defects are populated into and managed through ClearQuest. In addition, QA professionals can assess the business processes which are being tested by Rational Functional Tester for security defects. This allows QA to narrow security assessments to save significant testing time.

About Hybrid Analysis
SPI Dynamics ’ Hybrid Analysis technology combines the depth of source code analysis with the accuracy of black box testing into a single, cooperative process. The source code analysis technology defines the application attack surface, identifying all application inputs and finding common security coding errors. The black box testing phase uses the intelligence and data from the source code analysis to discover and verify exploitable security defects using automated attack techniques against running applications. This black box testing phase dramatically reduces false positives to yield the subset of exploitable security vulnerabilities in the application found during source code analysis, rather than a theoretical list of all potential problems that require manual review and validation. The results are fundamentally different compared to the simple combination of data from separate source code analysis and black box testing tools within a single report, which only provides data points for manual validation, not better accuracy.

About S.P.I. Dynamics, Inc.
Start Secure. Stay Secure.®
Security Assurance Throughout the Application Lifecycle

SPI Dynamics delivers a comprehensive suite of products and services that help to identify and remediate Web application and Web services security vulnerabilities found at key stages throughout the Web Application Lifecycle. SPI Dynamics solutions enable security professionals, QA testers, and developers to work together to assess, analyze, and remediate Web applications and Web services for security vulnerabilities, and verify compliance with over 20 security policies like SOX, HIPAA and PCI. The Company’s unique approach, utilizing patent-pending Intelligent Engines™ technology combined with the largest Web application security vulnerability knowledgebase in the industry, delivers unparalleled speed and accuracy. SPI Dynamics’ research and development team, SPI Labs, is widely recognized as one of the world’s leading authorities on Web application security and risk management. The Company has over 850 customers among Global 2000 enterprises, including over 90 U.S. Federal accounts, and has strategic partnerships with Microsoft, IBM, Mercury, CSC and Visa, with Visa investing in the Company in 2005. SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information on Web application security, visit or call (866) 774-2700.

DevInspect, QAInspect and Start Secure. Stay Secure. are registered trademarks, and Hybrid Analysis and Intelligent Engines are trademarks of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.


This news content was configured by WebWire editorial staff. Linking is permitted.

News Release Distribution and Press Release Distribution Services Provided by WebWire.