ABOUT HAWK NETWORK DEFENSE, INC.

In today's information driven global economy, industries rely upon customized software tailored specifically to meet consumer and business needs. Software development has become a necessity for providing faster information and reducing overall production and manufacturing costs. Unfortunately, these benefits are not without risk. For many industrial markets, software applications have become a major contributing factor and therefore, are a major contributing layer of security risk if implemented incorrectly or designed without security in mind. The same availability, speed, and comfort these solutions offer are equally matched with a plethora of security risks from a design and development perspective, as well as from an administration and implementation approach.

Traditionally, software development efforts in large corporations have been about as far removed from information security as they were from human resources or any other business function. Software development has also had the tendency to be highly distributed among business units and thus not even practiced in a cohesive and coherent manner. In the worst cases, busy business unit executives trade roving bands of developers like collector cards in a fifth-grade classroom.

With the coming of a new age, come greater expectations. It is vital to place extreme importance on security. Security vulnerabilities result from defects introduced during the design and development phases of an application's development cycle. Research has been done by CERT Coordination Center, "reporting over 90% of software security vulnerabilities are caused by known software defect types". Most software vulnerabilities arise from common causes: the top 10 causes account for 75% of all security related vulnerabilities. These vulnerability categories have been researched and documented, and if approached properly, can be avoided from the beginning.

Still not at risk?

Statistics report for those companies lacking a focus on security can be affected by having one defect being implemented for every 7 to 10 lines of new and changed code. If 99% of these defects are removed, this leaves 1 to 1.5 flaws in every thousand lines of code (Average: between 1 to 7 defects per 1,000 lines).

One question you have to ask yourself is how much importance do you place on your marketing value? Can your company risk being on the front page of the Wall Street Journal, after being negatively affected by a major application security risk or flaw implemented in your application? This is the same enterprise solution that sells to your clients, based not only on once previously viewed reliability but also faith in your solution and support. Being affected by a security risk can likely damage your credibility and reduce your overall marketing value significantly.

Who Are We?

HAWK Network Defense, Inc. is an application and network security consulting company that recognizes the strengths of an organization built upon cutting-edge technology and the commitment to providing a seamless transition between insecure coding practices to a sound commitment for secure coding. We specialize in application and security consulting, intrusion detection and correlation, and application code security auditing. Our researchers are highly trained professionals with countless years in the information security industry and have found significant security related vulnerabilities in a number of high profile, enterprise applications. Our contributions to the information security industry represent our small part to the commitment of securing our present technologies.

We offer a multitude of information security focused services including application auditing, hardening, and compliancy checks. Why not become proactive in hardening your enterprise applications for your own benefits as well as your clients' benefits? Our solution is twofold: We will help you structure your Software Development Life Cycle to ensure security checks are in place in every stage of the SDLC, as well as audit your source-code or closed-source application for security related vulnerabilities.