SCOTTSDALE, ARIZONA — June 10, 2014
SiteLock LLC (www.sitelock.com), the global leader in website security and PCI compliance, announced the launch of TrueCode, a new service that conducts Static Application Security Testing (SAST) to automatically detect vulnerabilities in applications, before or after they are put into production.
Application development security testing, particularly for small to midsize companies, is often overlooked. Or, in many cases, it’s considered a luxury due to the price tag that has historically accompanied such comprehensive testing. And industry research suggests that 87-90% of web applications fail to address the OWASP top 10 threats, many of which are detected by SAST. In addition, of more than 1,300 data breaches last year, the biggest category (25%) was web applications, according to the Data Breach Investigation Report recently published by Verizon.
TrueCode, the SiteLock static web application testing solution, acts like spell-check for application code and identifies the source of the problem, or potential problem, while highlighting the exact line(s) of code that need to be addressed. The service is entirely cloud-based and extracts a copy of the application code, storing it temporarily on SiteLock servers while testing so that there is no resource load or downtime risk on the client side. For companies with limited technical understanding or development staff, the SiteLock expert services team can even help address the application vulnerabilities before returning the secure code to the client. Making sure that application code is clean before production launch can accelerate the clients’ time to market and increase the ability to meet regulatory compliance requirements, while reducing the risk of infection for website visitors and application users.
Static application security testing is particularly important for small and mid-size businesses, because it eliminates the trade-off previously required between comprehensive testing and the server load for those who host their websites in multi-tenant environments that have restrictions or fees for excessive usage of IO, bandwidth and other server resources.
"At SiteLock, we are continuously looking for the next area of risk exposure for our customers’ online businesses to help protect them," said Neill Feather, President of SiteLock. "As we have seen the rise of web application development, particularly by using third-party and open-source code, we identified a gap in vulnerability detection that was in great demand across the SMB market. There are so few tools and services designed for them at an affordable price and at SiteLock, we want to break that mold. We believe that security should be available to every online business and the introduction of TrueCode is another step toward that goal."
TrueCode is now available to the SiteLock customer base, which is more than 1 million websites strong, and can be purchased by new customers either stand-alone or as part of a customized security package.
For additional information regarding the SiteLock website security suite, visit www.sitelock.com.
SiteLock (www.sitelock.com / @SiteLock) is a global website security technology and services leader, with more than 1,000,000 websites protected. SiteLock finds, fixes and helps prevent malware and other threats from affecting websites and their visitors. The SiteLock 360-degree website security services include malware and vulnerability scanning, automatic malware removal, advanced website protection through a web application firewall, website acceleration powered by a global CDN as well as PCI Compliance and expert services that are available 24/7. Each subscription to the service includes the SiteLock Trust Seal, which is proven to increase sales and conversions by more than 10%. As a member of a number of cybercrime awareness and prevention associations, including the Anti-phishing Working Group (APWG), the Online Trust Alliance (OTA) and StopBadware.org, SiteLock continually strives to educate the small business market about the risks to their websites and help prevent them. SiteLock was founded in 2008 and is headquartered in Jacksonville, Florida with offices in Scottsdale, Arizona and Boston, Massachusetts. For more information, call +1.877.257.9263 or visit www.sitelock.com.