Tag Archives: application security

TVS and ESS announce strategic partnership to provide a complete security solution

PRESS RELEASE

Bristol, UK, 16 March 2015TVS, a leader in software test and hardware verification solutions, and Embedded Security Solutions, a specialist embedded security consultancy, today announced a strategic partnership to provide asureSECURE a complete security solution from hardened SoC to software applications.

For hardware, TVS brings to the partnership its proven expertise in verification and a track record of having successfully executed complex end-to-end verification projects for some of the leading semiconductor chip providers across the globe. ESS brings to the partnership many years of embedded security experience, firmly grounded in the semiconductor industry and the development of complex SoC devices. ESS offers a world-class security architecture capabilityproviding specifications at SoC and hardware IP level as well as product review services. TVS also brings expertise in both software testing and application security where TVS helps clients to develop secure applications and then test them to demonstrate they are secure.

The TVS and ESS partnership is aimed at addressing the needs of semiconductor chip vendors and product manufacturers who are today facing increasing demands to adopt a stronger system wide security approach and need proven and reliable solutions capable of passing a variety of certifications. The joint expertise will help chip vendors and product manufacturers achieve first-pass silicon success reduce time-to-market, address the requirements of emerging market segments like IoT (Internet of Things) and systematically tackle the complexities introduced by increasingly demanding security requirements.

“TVS and ESS have proven capabilities to execute SoC verification and security implementation turnkey projects respectively. The TVS-ESS combination leverages this expertise to provide a full SoC implementation solution, The TVS software test and security expertise allows the partnership to offer full product security.” stated Mike Bartley, TVS Founder and CEO.

Paul Elliott, Founder and Director, ESS Bristol said, “By offering a comprehensive security specification, design, review and testing service, the TVS-ESS partnership helps chip vendors and product manufacturers enter markets with security requirements that have a steep learning curve and avoid mistakes in the security domain that are much more costly to remedy.”

Further information on TVS’s products and services is available at www.testandverification.com.

About TVS
TVS (Test and Verification Solutions Ltd) provides services and products to organisations developing complex products in the microelectronics and embedded systems industries.  Such organisations use TVS to verify their hardware and software products, employ industry best practice and manage peaks in development and testing programmes.  T& VS’ embedded software testing services includes onsite/offshore testing support including assistance with safety certification and security testing.  TVS’ hardware verification services include onsite/offshore verification support and training in advanced verification methodologies.  TVS also offers Verification IPs and its own Verification (EDA) signoff tool.

About ESS
ESS(Embedded Security Solutions Ltd) is a consultancy business drawing on over 40 years of collective experience in the semiconductor industry defining leading edge deep sub-micron system-on-chip (SoC) architectures. ESS specializes in securing embedded platforms for consumer products.

ESS provides services to organizations developing complex SoC based systems that require embedded hardware security and offers a comprehensive security requirements analysis and architectural specification service. Such organisations use ESS to bring expertise that is often not available in house, speed development and avoid costly mistakes. In addition ESS offers a security evaluation serviceand can perform a comprehensive review of your product against a target threat model. ESS will work closely with your development teams to support implementation and ensure first time silicon success, ESS services include onsite/offshore support.

TVS Company Contact
Dr. Mike Bartley – TVS
+44 7796 307958
[email protected]

ESS Company Contact
Paul Elliott- ESS
+44-7598425476
[email protected]

Why ISO 27001 only sets the floor on cybersecurity?

We will highlight how compliance with standards such as ISO 27001 only sets a floor, not a ceiling on security. Everyone in modern organisations, including the executives, now need at least a basic understanding of cyber security to ensure their responsibilities are being discharged in good faith. We can win this struggle, but we have to understand the issues first.

Register for a free Web Application Security briefing here.

Perimeter Defences are not sufficient for building secure applications

The paradigm of perimeter (network-centric) defence is now unable to keep up with malicious innovations that target the web applications, and that method of protecting assets is approaching a technical dead-end. Even if you double spending on perimeter defence, only a small increase in security would be achieved, and the return on investment would be very poor. It is crucial that cyber-security spending is targeted at preventing the real threats to your organisations, and not misplaced into unbalanced defences purely due to tradition.

Register for a free Web Application Security briefing here.

Briefing on web application security

TVS are pleased to announce the availability of the slides and recording of our recent briefing on web application security from security expert Declan O’Riordan . Declan is Head of Security Testing at TVS and winner of the prestigious “Best Paper” and “Best Session” awards at the 2015 EuroSTAR conference on Software Testing

If your company writes or uses software connected to the internet then this briefing will inform you of the security threats you face, your responsibilities in respect of those threats and practical suggestions on how to discharge those responsibilities.

This briefing uses real-life case studies, including a $1 billion breach that cost the CIO and CEO their jobs, and what happens when businesses refuse to pay ransoms to criminal hackers that have taken control of supposedly secure systems.

recordings-button2

Direct Link to recording and presentation http://www.testandverification.com/conferences/app-security/security-briefing-jan-2015/

 

Web Application Security Testing: The What, Why, Who & How?

By: Declan O’Riordan Head of Security Testing, TVS

declan-oriordan-thumbnail At this year’s EuroSTAR conference on software Testing (Dublin, Nov 24-27) I presented on web application security and how it is completely different to traditional mainframe testing. If you’re not familiar with SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery or a host of other ways of attacking your system and applications, then this was the talk for you. In the talk I covered:

  • What web application security testing is
  • Why it’s important
  • Who should be doing it
  • How it should be done

Continue reading