- Company (that provides the nominated product / solution / service): Denim Group
- Website: http://www.denimgroup.com
- Company size (employees): 70
- Product Version Number: ThreadFix 2.4
- Type of solution: Software
- Year this product or service was first introduced to the market: 2012
- Year the current version of this product or service has been released: 2016
- Approximate number of users worldwide: 100+ of the largest enterprise clients in the US representing banking, financial services, retail and other high-visibility industry sectors.
In 3 bullets, summarize why this product or service deserves recognition
• ThreadFix fully automates what used to be a manual process of collecting, communicating, and remediating sensitive application vulnerability information.
• ThreadFix automation accelerates application vulnerability remediation by 40% and provides the first-to-market capability to map dynamic to static scanning results.
• ThreadFix feeds application vulnerability data into GRC systems, providing executives, for the first time, unparalleled visibility into software risk for the organization.
In less than 300 words, summarize the most important features and benefits of this product or service
ThreadFix addresses the concern of fixing critical vulnerabilities in software applications by accelerating the process of software vulnerability remediation by up to 40%. This acceleration enables clients to build and deploy software faster while protecting sensitive customer data from the most sophisticated hackers.
ThreadFix aggregates vulnerability scanning results from a variety of disparate testing technologies to provide, for the first time, a common view of software vulnerabilities across the organization.
ThreadFix takes what used to be purely manual process and automates it, enabling software risk managers to quickly consolidate application vulnerability scan reports in a common console. The ThreadFix platform also provides application vulnerability data to leading IDE, defect trackers, and Governance, Risk and Compliance (GRC) tools to provide better executive level visibility into organization software risk.
ThreadFix is designed to give software risk managers the capability to have a common “pane of glass” for application security, and to elevate conversations on software risk with software development leaders.
Notably, ThreadFix has patent pending technology which can point to the exact line of source code responsible for an application vulnerability that has been identified by a dynamic security scan. This new capability and ThreadFix’s new IDE (integrated developer environment) plug-in bridges a challenging communications gap between security and software development teams that can dramatically simplify and accelerate the time-to-fix of critical application vulnerabilities.
ThreadFix also offers another groundbreaking new feature in the Enterprise edition which enhances compliance efforts, by providing dynamic scan orchestration capabilities. By offering a central facility that can store scan configurations for a variety of vendor scanner technologies, ThreadFix enables software risk managers to schedule vulnerability testing using multiple dynamic scanners without the need for human intervention at every step of the process.