Onward Security HERCULES SecFlow
Promote this Nomination
Photo Gallery
![]() |
![]() ![]() |
Onward Security HERCULES SecFlow



Additional Info
Company (that provides the nominated product / solution / service) | Onward Security |
Website | https://www.onwardsecurity.com/ |
Company size (employees) | 50 to 99 |
Type of solution | Cloud/SaaS |
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:- User Behavior Learning and adaptive Feature - Security Vulnerability Information and Solution - Pro-active Security Event Monitor |
Brief Overview
HERCULES SecFlow is a leading security management platform, providing security information process management, comprehensive security vulnerability database, and pro-active security event monitor.
The system of HERCULES SecFlow can be applied in the following four phases of Secure Software Development Lifecycle (SSDLC); Design, Implementation, Testing, and Maintenance. Design phase covers the security issue to inspect the requirement and compliance of security, and the risk model of this phase is used to verify the integrity of the security test plan. Implementation supports the relevant security development to follow the guideline and ensure the correct implementation is used. Testing focuses on multiple security testing to ensure the safety of products. The last phase, Maintenance, includes incident notification, proactive notification, and incident tracking. The four phases applied in the system of HERCULES SecFlow assist the team to integrate security development process and adopt SSDLC.
The development team applies HERCULES SecFlow with SSDLC to obtain the vulnerability information and solve product security issues effectively. HERCULES SecFlow helps the development team establishes the software security development process to comply with the requirement and compliance of security, including ISO27001, ISO27034, IEC62443, OpenSAMM, and NIST SP800-64 standard.
HERCULES SecFlow will update the built-in CVE and Non-CVE vulnerability information automatically and regularly to ensure that the other is up-to-date for users. The proactive notification mechanism provides the latest vulnerability and a security issue for users and filters out the information that users concern via E-mail notification by adopting advanced technology for data collection.
The intelligent technology of the security management system combines vulnerability database, security issue, and incident analysis of the product, which allows developers to respond to issue immediately, reduce the risk of the incident and minimize the impact on the enterprise.