This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Corporate Supporter Bios"

From OWASP
Jump to: navigation, search
(updated scsk bio)
 
(408 intermediate revisions by 10 users not shown)
Line 1: Line 1:
 
Disclaimer: Corporate Supporter Bios are not endorsements and reflect the message of the supporter only.
 
Disclaimer: Corporate Supporter Bios are not endorsements and reflect the message of the supporter only.
{| border="1" cellpadding="2"
 
! scope="col" width="100" | Company
 
! scope="col" width="100" | Member Since
 
! scope="col" width="1000" | Company Description
 
! scope="col" width="100" | Contact
 
  
 +
== '''Elite Corporate Members''' ==
 +
{| class="wikitable"
 
|-
 
|-
| {{MemberLinks|link=http://www.accuvant.com|logo=Accuvant_Labs.jpg}} || || Accuvant LABS is the world's best and most respected attack and penetration team. Since 2002, Accuvant LABS has provided penetration testing, application and enterprise security assessments, vulnerability research and training to more than 2,000 clients across industry verticals. Experts from the team have won numerous awards and been featured by broadcast outlets and publications such as Ars Technica, Associated Press, BNN, CNN, Forbes, The New York Times, and The Wall Street Journal, among others, and regularly speak at top tier information security conferences.||www.accuvant.com  
+
| {{MemberLinksv2|link=https://www.allstate.com/|logo=All line hor tag cmyk pos.jpg}} ||Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America, serving more than 16 million households nationwide.   Founded in 1931, Allstate has been dedicated to protecting our customers from life’s uncertainties and preparing them for the future for more than 85 years.   As the needs of our customers evolve, so does our technology and security practices to ensure our customers remain in good hands. ||https://www.allstate.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.acunetix.com|logo=Acunetix_logo_200.png}} || ||Acunetix is a leading provider of web security solutions and a pioneer in the development of web application security scanning technologies. Its engineers focused on web security as early as 1997 and developed an engineering lead in website analysis and vulnerability detection. The company was established in 2004 to combat the alarming rise in web attacks. In July 2005, the company announced the release of Acunetix Web Vulnerability Scanner (WVS) - a heuristic tool designed to replicate a hacker's methodology to find dangerous vulnerabilities, such as SQL injections and Cross-Site scripting, before hackers do. Acunetix WVS brings an extensive feature-set of both automated and manual penetration testing tools, enabling security analysts to perform a complete vulnerability assessment, and repair detected threats, with just the one product. The Acunetix development team consists of highly experienced security developers, all with extensive development experience in network security scanning software prior to working on Acunetix WVS. The management team is backed by years of experience in marketing and selling security software.Acunetix WVS includes many innovative features:Innovative AcuSensor Technology that allows accurate scanning with low false positives, by combining black box scanning techniques with feedback from its sensors placed inside the source code.An automatic JavaScript analyzer allowing for security testing of Ajax and Web 2.0 applications. Industry’s most advanced and in-depth SQL injection and Cross site scripting testing. Visual macro recorder makes testing web forms and password protected areas easy.Multi-threaded and lightning fast scanner able to crawl hundreds of thousands of pages without interruptions.Acunetix WVS understands complex web technologies such as SOAP, XML, AJAX and JSON.Acunetix Customers include the London Stock Exchange, Cisco, NASA, US Air Force, US Army PriceWaterhouseCoopers, KPMG, Deloitte, Sony, Bank of China, HSBC, Barclays, Deutsche Bank, The Pentagon, Nokia, Fujitsu, Skype, California Department of Justice, US Geological Service and many more. You can find us on Facebook at http://www.facebook.com/Acunetix.||www.acunetix.com
+
| {{MemberLinksv2|link=https://www.pwc.co.uk/cybersecurity|logo= Pwc.png}} ||Our purpose is to build trust in society and solve important problems. In today's digital world that requires a focus on cybersecurity in order to build a secure digital society. We help clients across society to understand their cybersecurity risk; build and assure their defenses; identify and respond to attacks, and to navigate the complex legal and regulatory environment for cybersecurity. For more information please visit www.pwc.co.uk/cybersecurity ||http://www.pwc.co.uk/cybersecurity
 +
|}
 +
 
 +
== '''Premier Corporate Members''' ==
 +
{| class="wikitable"
 +
| align="center" style="background:#f0f0f0;" scope="col" width="100" | '''Company'''
 +
| align="center" style="background:#f0f0f0;" scope="col" width="1000" | '''Company Description'''
 +
| align="center" style="background:#f0f0f0;" scope="col" width="100" | '''Contact'''
 +
|-
 +
| {{MemberLinksv2|link=http://www.adobe.com|logo=Adobe_logo_standard_for_Tasha.jpg|size=300px90px}} ||Adobe is the global leader in digital marketing and digital media solutions. Our tools and services allow our customers to create groundbreaking digital content, deploy it across media and devices, measure and optimize it over time, and achieve greater business success. We help our customers make, manage, measure, and monetize their content across every channel and screen. ||http://www.adobe.com/
 +
|-
 +
|{{MemberLinksv2|link=https://www.hackerone.com/|logo=HackerOne_Logo_.jpg}} ||HackerOne (www.hackerone.com) is the #1 hacker-powered security platform, helping organizations receive and resolve critical vulnerabilities before they can be exploited. More than 1,000 organizations, including the U.S. Department of Defense, U.S. General Service Administration, General Motors, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities. HackerOne customers have resolved over 57,000 vulnerabilities and awarded over $22M in bug bounties. HackerOne is headquartered in San Francisco with offices in London and the Netherlands. ||https://www.hackerone.com/
 +
|-
 +
| |{{MemberLinksv2|link=https://www.netsparker.com/|logo=Netsparker-logo-transparent-h1000px-color.png}} ||Netsparker develops an industry leading automated web application security scanner. Available as Windows desktop software and as a Cloud service, the Netsparker scanner is very easy to use and its proof-based vulnerability scanning technology enables you to easily and automatically detect SQL Injection, Cross-site scripting and other vulnerabilities in your websites, web applications and web services. Netsparker’s unique scanning, detection and auto exploitation techniques allow it to be dead accurate. Therefore you do not have to waste time manually verifying the scanner’s findings and instead can focus on fixing the identified vulnerabilities. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.  || https://www.netsparker.com
 +
|-
 +
| {{MemberLinksv2|link=http://www.qualys.com|logo=Qualys-1_-_small_(2).jpg}} || Qualys is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps - including Web Application Scanning (WAS) - help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence and automating the full spectrum of auditing, compliance, and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA).||https://www.qualys.com
 +
|-
 +
| {{MemberLinksv2|link=https://www.salesforce.com/|logo=Salesforce_logo.png|size=300px90px}} ||Salesforce is the world’s #1 customer relationship management (CRM) platform. Our cloud-based applications for sales, service, marketing, and more don’t require IT experts to set up or manage — simply log in and start connecting to customers in a whole new way. ||https://www.salesforce.com/
 +
|-
 +
| {{MemberLinksv2|link=http://www.signalsciences.com|logo= Sigsci-logo_primary_(1).png|size=300px90px}} ||Signal Sciences secures the most important web applications, APIs, and microservices of the world's leading companies. Our next-gen WAF and RASP help you increase security and maintain site reliability without sacrificing velocity, all at the lowest total cost of ownership. Learn how our patented approach can help you. ||http://www.signalsciences.com
 +
|-
 +
|||||
 +
|-
 +
|}
 +
 
 +
==''' Contributor Corporate Members '''==
 +
{| class="wikitable"
 +
| align="center" style="background:#f0f0f0;" scope="col" width="100" | '''Company'''
 +
| align="center" style="background:#f0f0f0;" scope="col" width="1000" | '''Company Description'''
 +
| align="center" style="background:#f0f0f0;" scope="col" width="100" | '''Contact'''
 +
|- '
 +
 
 +
|-
 +
| {{MemberLinksv2|link=http://www.acunetix.com|logo=Acunetix_logo_200.png‎|size=150x45px}} ||Acunetix’s team of experienced engineers developed a lead in website, web application, and Internet-facing server analysis and vulnerability detection. Available both on-premise and online, Acunetix uses deep crawling techniques to detect exploitable vulnerabilities such as SQL injection, and all forms of Cross-Site scripting – while providing concise vulnerability reports and information on how to fix them allowing you to protect your business against impending hacker attacks. Acunetix customers include Cisco, NASA, American Express, Sony, HSBC, The Pentagon, Skype, and many more. You can find us online at www.acunetix.com.||http://www.acunetix.com
 +
|-
 +
|{{MemberLinksv2|link=http://www.altitudenetworks.com/|logo=Altitude_Networks.jpg}} ||Altitude Networks tackles data security in the cloud to protect enterprises against unauthorized data access, accidental or malicious sharing to unintended individuals, and data theft.||http://www.altitudenetworks.com/
 +
|-
 +
|{{MemberLinksv2|link=https://aon.com/cyber-solutions|logo=Aon_Logo_Red_Tagline_RGB_-_Edited.png}} ||Aon’s Cyber Solutions offers holistic cyber security, risk and insurance management, investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.
 +
Cyber security services provided by Stroz Friedberg Limited and its affiliates. Cyber risk services provided by Aon UK Limited and its affiliates
 +
| https://aon.com/cyber-solutions
 +
|-
 +
|{{MemberLinksv2|link=https://www.arxan.com/|logo=Arxan-logo-stacked_tagline_CMYK.png}} ||Arxan, the global trusted leader of application protection solutions, delivers the confidence to build, deploy, and manage an organization’s most innovative and valuable applications. Currently protecting more than 1 billion application instances across industries including financial services, mobile payments, healthcare, automotive, gaming, and entertainment, the company provides the industry’s most comprehensive application protection solution. Unlike legacy security providers that rely on perimeter-based barriers to keep bad actors out, Arxan protects applications at the source and binary code level to expand the area of trust and provides a broad range of enterprise services and patented security capabilities such as code hardening, obfuscation, encryption, and Whitebox cryptography. Founded in 2001, the company is headquartered in North America with global offices in EMEA and APAC. ||https://www.arxan.com/
 +
|-
 +
|{{MemberLinksv2|link=https://avatao.com/|logo=Avataologo_blue.png}} ||Avatao is an online training platform for building secure software. It offers a rich library of hands-on IT security exercises for software engineers to teach secure programming from design to deployment in a fun and intuitive way. Educating for secure software can significantly improve software quality, increase trust in a company’s brand, reduce development costs and reduce the risks of suffering significant losses from cyber-attacks. In today’s world, secure software development practices are a basic requirement and we believe the solution should be integrated into the ground roots of software development teams. The platform can be used to provide security awareness to software engineers, to enrich existing IT security training, meetups or allow self-directed learning for continuous professional development. Avatao hackathons are also an excellent method to discover talented developers and engage and build brand awareness in the community. Avatao is a creation out of CrySyS Lab, world-renowned experts in IT security. Learning communities like business teams use Avatao for an improved and efficient learning experience. Mid-size and large software and financial companies use Avatao’s gamified online training to organize security hackathons, onboard new hires or upskill software developers to build secure software. The Avatao platform was publicly launched in 2016 for end-users and business customers. Initial customers include LogMeIn (US), Prezi (HU), Microsec (HU), Emarsys (HU), Photobox (UK), and many other companies are piloting the platform including Fortune 100 companies. Avatao currently has 5000+ users and 500+ exercises. ||https://avatao.com/
 +
|-
 +
|{{MemberLinksv2|link=https://www.avinetworks.com|logo=Avi_logo_White_hiRes.jpg}} ||Avi Networks completes enterprises’ digital transformation with its software load balancer, intelligent Web Application Firewall, and modern application services. The Avi Vantage Platform is deployed across data centers and clouds, delivering better elasticity, intelligence, and cost savings by providing granular per-tenant and per-app services. Customers enjoy 5X faster application rollouts, actionable analytics, and 70% lower costs. ||https://www.avinetworks.com
 +
|-
 +
| |{{MemberLinksv2|link=https://www.brinqa.com/|logo=Brinqa_Logo.png}} ||Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to the business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights, and improved communication. Founded in 2008 by industry leaders in risk management with a proven track record in delivering cutting edge, innovative and cost-effective solutions. Brinqa’s award-winning software and cloud services are trusted by fortune 500 companies across risk disciplines such as information technology risk, vendor risk, and regulatory compliance risk. Brinqa is headquartered in Austin, Texas and has a global presence. ||https://www.brinqa.com/
 +
|-
 +
| {{MemberLinksv2|link=https://www.bugcrowd.com/|logo=Bugcrowd-logo-150-50.png}} || ||https://www.bugcrowd.com/
 +
|-
 +
| {{MemberLinksv2|link=http://www.ca.com/us/default.aspx|logo=CA_logo_150x168px.jpg}} ||CA Technologies helps customers succeed in a future where every business—from apparel to energy—is being rewritten by software. From planning to development to management to security, at CA we create software that fuels transformation for companies in the application economy. Learn more at https://www.ca.com/us.html || https://www.ca.com/us.html
 +
|-
 +
| |{{MemberLinksv2|link=https://www.cequence.ai/|logo=Cequence-logo-blue-horizontal-full_-_Edited.jpg}} || Cequence Security is a venture-backed cybersecurity software company founded in 2015 and based in Sunnyvale, CA. Its mission is to transform application security by consolidating multiple innovative security functions within an open, AI-powered software platform that protects customers web, mobile, and API-based applications – and supports today’s cloud-native, container-based application architectures.  The company is led by industry veterans that previously held leadership positions at Palo Alto Networks and Symantec. Customers include F500 organizations across multiple vertical markets, and the solution has earned multiple industry accolades. Learn more at www.cequence.ai. ||https://www.cequence.ai/
 +
|-
 +
| |{{MemberLinksv2|link=https://www.checkmarx.com/|logo=Checkmarx-logo-2019-horizontal - Edited.png}} ||Checkmarx is an Application Security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications. Amongst the company's 1,000 customers are 5 of the world's top 10 software vendors and many Fortune 500 and government organizations. Checkmarx CxSAST is a highly accurate and flexible Source Code Analysis product that allows organizations to automatically scan a un-compiled/un-built code and identify hundreds of security vulnerabilities in the most prevalent coding languages. Learn more at www.checkmarx.com.  ||https://www.checkmarx.com
 +
|-
 +
| {{MemberLinksv2|link=http://codedx.com/|logo=CodeDx-logo (1) (1).png|size=150x45px}}  ||Code Dx is committed to reducing barriers to effective application security. Our automated application vulnerability correlation and management tools help find and fix insecure code faster, with less effort and a smaller team. Focus your precious resources on developing valuable new features, and ship secure code faster and more often. For more information, please visit https://codedx.com/ ||https://codedx.com/
 +
|-
 +
| {{MemberLinksv2|link=https://www.contrastsecurity.com/|logo=Contrast_Logo_New.jpg}} ||Contrast Security delivers the world’s fastest application security software that eliminates the single greatest security risk to enterprises today. Industry research shows that application security flaws are the leading source of data breaches. Contrast can be deployed, automatically discover applications and identify vulnerabilities within seven minutes. Relying on sensors instead of expensive security experts, Contrast runs continuously and is 10 times more accurate than the competition. Unlike tedious, painful and slow legacy approaches, Contrast analyzes a complete portfolio of running applications simultaneously in real-time at any scale. As a result, organizations can act faster against threats and immediately reduce risk. More information on Contrast Security can be found at http://www.contrastsecurity.com/. || http://www.contrastsecurity.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.adobe.com|logo=Adobe_logo.png}} || || Adobe is changing the world though digital experiences. We help our customers develop and deliver high-impact experiences that differentiate brands, build loyalty, and drive revenue across every screen, including smartphones, computers, tablets and TVs. Adobe content solutions are used daily by millions of companies worldwide—from publishers and broadcasters, to enterprises, marketing agencies and household-name brands. Building on our established design leadership, we enable customers not only to make great content, but to manage, measure and monetize it for maximum impact.|| www.adobe.com
+
| {{MemberLinksv2|link= https://www.cybozu.com/|logo=Cybozu_Logo_2017.png}} ||Cybozu is a Japanese cloud computing vendor founded in 1997. Its service supports effective team collaboration hence our services are widely used from large-scaled teams like multinational enterprises to small-scaled teams like volunteer groups, clubs even families. “kintone” is one of the Cybozu’s key products released in 2011. It is called "no-code application platform" which makes work more productive through business applications. It is recognized as one of the leading vendors in” Gartner 2016 Enterprise application Platform as a Service (aPaaS), Worldwide Magic Quadrant”. Cybozu has been focusing on security enhancement. It has started "bug bounty project" in 2013 to find any vulnerabilities which may exist in its product in order to provide its customers with the most secure service possible. || https://www.cybozu.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.adp.com|logo=Adp.jpg}} || || ||www.adp.com
+
|{{MemberLinksv2|link= https://www.delltechnologies.com/en-us/index.htm |logo=DellTech_Logo_resized.png}} || Dell Technologies (NYSE: DELL) unique family of businesses that helps organizations and individuals build their digital future and transform how they work and live.  The company provides customers with the industry's broadest and most innovative technology and services portfolio spanning from edge to core to cloud.  The Dell Technologies family includes Dell, Dell EMC, Pivotal, RSA, SecureWorks, Virtustream and VMware. ||https://www.delltechnologies.com/en-us/index.htm
 
|-
 
|-
| {{MemberLinks|link=http://www.akamai.com|logo=Akamai_logo.gif}} || || ||www.akamai.com
+
| {{MemberLinksv2|link=http://www.denimgroup.com|logo=Dg_logo_stacked_hires_-_Edited.png}} ||Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.||http://www.denimgroup.com
 
|-
 
|-
| {{MemberLinks|link=http://www.amazon.com|logo=Amazon_Logo.jpg}} || ||Amazon.com, a Fortune 500 company based in Seattle, opened on the World Wide Web in July 1995 and offers Earth's Biggest Selection, where customers can find and discover anything they might want to buy online. The brightest minds come to Amazon to develop technology that improves the lives of shoppers and sellers around the world. Pioneering technical challenges of unprecedented scale and complexity, Amazon also provides developers access to Amazon's own back-end platform and in-the-cloud infrastructure. Examples include Amazon Elastic Compute Cloud, Amazon Simple Storage Service, Amazon SimpleDB, Amazon Simple Queue Service, Amazon Flexible Payments Service, and Amazon Mechanical Turk.|| www.amazon.com
+
| {{MemberLinksv2|link=https://duo.com/|logo=Duo_Logo_-_Green_(1).png}} ||Duo Security helps defend organizations against data breaches by making security easy and effective. Duo Beyond, the company's category-defining zero-trust security platform, enables organizations to provide trusted access to all of their critical applications, for any user, from anywhere, and with any device. The company is a trusted partner to more than 10,000 customers globally, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. Founded in Michigan, Duo has offices in Ann Arbor and Detroit, as well as growing hubs in Austin, Texas; San Mateo, California; and London, UK.||https://duo.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.architectgroup.com|logo=Architectgroup 130131.png}} ||Feb 2013 ||ArchitectGroup, Inc. is one of the leading consulting providers of Information Technology services and business solutions in South Korea and China. Enterprise professionals service clients across diverse industries Telecommunication, Banking, Insurance, and Semi-conductor at major company like Samsung, GM, KT, Hyundai and LG etc…. Our vision is to achieve global IT services leadership in providing value-added high quality IT solutions to our clients in selected horizontal and vertical segments, by combining technology skills, domain expertise, process focus and a commitment to long-term client relationships. ArchitectGroup has a major focus on providing services on and around Security Service Engineering *Security Testing and Management Tool *Security Vulnerability Management Platform *Mobile Security Tool  Other Services include:*      Application Security Engineering Service *IT Infrastructure Management Services *Embedded Security Expert Program ||www.architectgroup.com
+
|{{MemberLinksv2|link=https://www.entrustdatacard.com/|logo=Entrust DataCard logo.png|size=150x45px}} ||Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure transaction technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates, and secure communications. With more than 2,000 Entrust Datacard colleagues around the world and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com. ||https://www.entrustdatacard.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.aspectsecurity.com|logo=Aspect_logo_owasp.jpg}} || ||Aspect Security Founded in 2002, we are consulting firm focusing exclusively on application security. We help to ensure that the software that drives business is protected against hackers. Aspect’s Security Engineers analyze, test and validate approximately 5,000,000 lines of code a month, most of which are critical to the national infrastructure. Our work unearths over 10,000 vulnerabilities every year across a wide range of technologies and architectures. Our recommendations dramatically improve our clients’ security posture. We support a worldwide clientele with critical applications in the government, defense, financial, healthcare, services and retail sectors. Our educational division has taught tens of thousands of people around the world how to build, test and deploy secure applications making us a leader in application security training. Flexible delivery options include instructor-led training either in-person or via webcast, or, on-demand through our innovative eLearning curriculum. Aspect Security’s principals are pioneers in the field having started one of the world’s first application security practices in 1998. They conceived of several industry-leading standards such the OWASP Top Ten, WebGoat, the Application Security Verification Standard (ASVS), Risk Rating Methodology and Enterprise Security API (ESAPI).  These free and open materials are downloaded over 50,000 times a month. We are a founding member of the Open Web Application Security Project (OWASP) in support of educating organizations about the ever-changing threat landscape and how to properly build and secure applications.  Headquartered in Columbia, MD, our personnel is located throughout the United States serving our worldwide clientele. ||www.aspectsecurity.com
+
| {{MemberLinksv2|link=https://www.facebook.com/whitehat/report/|logo=Facebook-06-2015-Blue-on-White_(2).png}} ||Facebooks AppSec team is focused on discovering vulnerabilities and crafting creative solutions to eliminate them. We achieve this by doing code and design reviews, building tools, and automation, and manage our bug bounty program. Come to our booth to find out more and sign-up to win a FREE Oculus Go. ||https://www.facebook.com/whitehat/report/
 
|-
 
|-
| {{MemberLinks|link=http://www.astechconsulting.com|logo=Gif_at.gif}} || ||AsTech empowers clients to increase their security awareness and capability maturity in the SDLC, to better manage overall risk.  By understanding our clients’ unique risk appetites and business objectives, our security engineers bring strategic focus to application security initiatives.  AsTech provides source code and deployment assessment, penetration testing, continuous monitoring, vulnerability remediation and secure development training. ||www.AstechConsulting.com  
+
| |{{MemberLinksv2|link=https://www.fortinet.com/|logo=Fortinet-Logo-for-OWASP.png}} || ||https://www.fortinet.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.bayshorenetworks.com|logo=BayShoreNetworks.png}} || ||Bayshore Networks is the leading provider of high-end information assurance and security products for the defense industrial base, government and critical infrastructure organizations and commercial enterprise. Trusted by the worldʼs top defense contractors and developed exclusively in the United States, Bayshoreʼs flagship product SingleKey™ is a multi-protocol application firewall that secures all links and applications behind the DMZ. SingleKey blocks Advanced Persistent Threat (APT) actors and insider threats, mitigates vulnerabilities in SCADA industrial control systems and protects mission-critical applications. Bayshoreʼs threat management and analytics platform, SingleView™, manages and controls multiple SingleKeys in a highly distributed environment and provides real-time situational awareness and big data analytics about the highly sensitive digital assets of our defense and government customers. For more information follow Bayshore Networks on Twitter @bayshorenet || www.bayshorenetworks.com
+
|{{MemberLinksv2|link=https://www.gemalto.com/|logo=Gemalto_Logo.jpg}} || ||https://www.gemalto.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.bestbuy.com|logo=BestBuy_Logo_Resized.png}} || ||Best Buy Co., Inc.(NYSE: BBY) is a leading multi-channel global retailer and developer of technology products and services. Every day our employees - 180,000 strong - are committed to helping deliver the technology solutions that enable easy access to people, knowledge, ideas and fun. We are keenly aware of our role and impact on the world, and we are committed to developing and implementing business strategies that bring sustainable technology solutions to our consumers and communities. For information about Best Buy, visit www.bby.com and to shop at Best Buy, visitwww.bestbuy.com || www.bby.com
+
| {{MemberLinksv2|link=https://gosecure.net/|logo=Logo_Gosecure_(1).png}} || || https: / gosecure.  
 
|-
 
|-
| {{MemberLinks|link=http://www.blackhat.com|logo=Blackhat.png}} || || ||
+
|{{MemberLinksv2|link=https://www.here.com/en|logo=HERE_Logo_MFL_Horizontal_RGB.png|size=150x45px}} ||Mapping has always been about discovery. For centuries, two-dimensional maps guided us through the unknown to our destination. But we are no longer limited by the edges of our physical maps. In 1985, we began with the simple goal to digitize mapping and pioneer in-car navigation systems. Over the next three decades, as NAVTEQ and Nokia, we’ve built a legacy in mapping technology. Today, we're creating living three-dimensional maps that grow upwards, breathing with layers of information and insights. By partnering with world-leading automakers, we are powering 4 out of 5 in-car navigation systems in North America and Europe. But we’re not just on the road. We are capturing the world in three dimensions, readying for an autonomous future. And we’re looking beyond. From autonomous driving to the Internet of Things, we are building the future of location technology through strategic partnerships with industry leaders like Intel, NVIDIA, Mobileye, and Tencent.  With headquarters in Amsterdam and development sites that span Chicago to Berlin and across to Mumbai, we are a global team with a shared passion. From data scientists and software developers to product engineers and mapping specialists, we come together from many different backgrounds to build a better future for location technology. ||https://www.here.com/en
 
|-
 
|-
| {{MemberLinks|link=http://www.cargill.com|logo=Cargill.gif}} || || ||www.cargill.com
+
|{{MemberLinksv2|link=https://www.hisolutions.com/|logo=HiSolutions-Logo_150x45.jpg}} ||We combine know-how in the areas of security consulting, IT governance, risk & compliance with conceptual strength, innovation and implementation expertise. In addition to protecting applications and networks, our core competencies also include organizational tasks such as setting up security, risk, and service management system. HiSolutions AG is one of the leading consulting specialists for IT management and information security in Germany. More than 200 experts advise in the areas of security consulting, IT governance, business continuity management, and digitalization. We actively participate in the development of national and international standards and are involved in various research projects and university teachings. ||https://www.hisolutions.com
 
|-
 
|-
| {{MemberLinks|link=http://www.checkmarx.com|logo=Best_Resolution_-_Final_Logo_15%.jpg‎}} || ||Checkmarx is the developer of next generation Static Code Analysis (SCA) solutions.The company pioneered the concept of a query language-based solution for identifying technical and logical code vulnerabilities.Checkmarx provides the best way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk.
+
|{{MemberLinksv2|link=https://www.htbridge.com/|logo=High-Tech_Bridge.png}} ||High-Tech Bridge is a global provider of web and mobile Application Security Testing (AST) services. Our award-winning AST platform ImmuniWeb® combines the genius of Human Intelligence with the power of Artificial Intelligence and Machine Learning. ImmuniWeb® leverages Artificial Intelligence (AI) and Machine Learning (ML) for intelligent automation of application vulnerability scanning and acceleration of application penetration testing. High-Tech Bridge's security experts from our CREST-accredited SOC look for the most complicated application vulnerabilities and attack vectors in instant synchronization and correlation with automated vulnerability scanning. Invented by High-Tech Bridge, this type of hybrid security testing, enhanced with AI/ML, delivers the most comprehensive vulnerability detection rate, continuously reduces human intervention without impacting the quality of testing, and contractually guarantees zero false-positives to every customer. ||https://www.htbridge.com
The SAST solution streamlines the workflow of key stakeholders in the software development process, increasing their effectiveness in finding problems and reducing the need for costly professional services.
+
|-
The product enables developers and auditors to easily scan uncompiled / unbuilt code in all major coding languages anywhere, anytime. For CISOs, it means that securing applications in the enterprise is finally practical and achievable.
+
|{{MemberLinksv2|link=https://www.imperva.com/|logo=Imperva_logo.png}} ||Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Founded in 2002, we have enjoyed a steady history of growth and success, generating $264 million in 2016, with over 5,200 customers and more than 500 partners in 100+ countries worldwide.||https://www.imperva.com/
Application security testing is available in both On Premise and On Demand configurations. The security testing scans for the most prevalent security vulnerabilities as determined by OWASP Top 10, SANS, and other major standards.  
+
|-
Checkmarx was recognized by Gartner as sole visionary in their latest SAST magic quadrant and as Cool vendor in application security.Customers include multiple Fortune 500, government organizations and SMBs
+
|{{MemberLinksv2|link=http://www.informationbuilders.com|logo=IBI_Logo.jpg|size=150x45px}} ||Founded in 1975, Information Builders continues to deliver state-of-the-art technology that is transforming business in all commercial industries, government, and education. We remain one the largest independent, privately held companies in the software industry. Headquartered above Madison Square Garden in New York, Information Builders operates in more than 60 global locations and has built an active customer base of tens of thousands of major installations at the world's leading organizations. Information Builders is not only a major software supplier to our customers, but also a major provider to the leading software vendors in the industry including HP, IBM, Oracle, SAP, Teradata, and many others. In addition to our commitment to superior software engineering, we are equally proud of our people. Some of the most talented and creative professionals in the industry work at Information Builders and are passionate about what they do. In fact, the professionalism and tenure of our employees is often cited as a major differentiator by our customers. Our reputation for customer service has garnered us the highest honors from “CRM” magazine, the SSPA, and the American Business Awards. Our products and services have received top recognition from independent analyst research firms including Gartner, Forrester, Ventana Research, BARC, Butler, Bloor, and The Data Warehouse Institute (TDWI). Most importantly, our customers have received the most information technology and business awards for their accomplishments. More than 50 of our customers have had their information systems inducted into the Smithsonian Institute for superior information technology achievement through the Computerworld Honors Program. http://www.informationbuilders.com/about_us ||http://www.informationbuilders.com
|-  
 
| {{MemberLinks|link=http://www.cigital.com|logo=Cigital_OWASP.GIF}} || ||Cigital, Inc. is the leading software security consulting firm in the world. Established in 1992, Cigital plans and implements initiatives that help organizations ensure their applications are secure and reliable while also improving how they build and deploy software. Our recognized experts apply a combination of proven methodologies, tools, and best practices to meet each client’s unique requirements. Cigital is headquartered outside Washington, D.C. with regional offices in the U.S., Europe, and India. || www.cigital.com  
 
 
|-
 
|-
| {{MemberLinks|link=http://www.coresecurity.com|logo=Core_TM_wtag.png}} || ||The Power of Thinking Ahead As the leading provider of predictive security intelligence solutions, CORE Security answers the call of organizations demanding a proactive approach to eliminating business risk. Our solutions empower customers to think ahead, take control of their security infrastructure, and predict and prevent IT security threats. Organizations have to predict security threats – not just react to them Today, the majority of security spending is focused on solutions that take defensive or reactive approaches to threats. As a result, security teams are saddled with overwhelming amounts of disparate security data, tools that don’t communicate, and alerts that sound only after the damage has been done. Organizations that seek to survive and thrive must go on the offensive and predict and preempt threats before it’s too late. We empower organizations to preempt business risk At CORE Security, we believe the greatest risk organizations can take is to remain reactive to IT security threats. We therefore enable our customers to proactively identify critical threats and reveal risk in the context of specific business objectives, operational processes, and regulatory mandates. As a result, security teams not only predict threats but also more effectively communicate their implications to peers in the line of business. CORE Security Solutions CORE Insight Enterprise: Enterprise-class predictive security intelligence platform  Business risk identification, validation and prioritization,  Continuous threat simulation,Proactive threat replication. CORE IMPACT Professional: Comprehensive vulnerability assessment and testing software  Real-world, exploit-based security testing,  Network, web, client-side, wireless & mobile coverage CORE WebVerify: Web application testing software  Automated testing of custom web sites and applications,  Proactive identification of OWASP Top 10 threats CORE CloudInspect: Security testing SaaS for Amazon AWS cloud deployments- Affordable, on-demand cloud security assessment,  No prior Amazon authorization required CORE Services- Security consulting services,  Product implementation services,  Onsite and online training,      Customer support (24/7 available) CORE Security Benefits Align with corporate goals  Protect brand, reputation and valuation, Retain customers and avoid fines / penalties.  Align with performance objectives·        Prevent system downtime, Mitigate risks to intellectual property and customer data.  Comply with policies and regulations -  Address PCI, FISMA/NIST, HIPAA, SOX, GLBA, etc. Increase efficiency and effectiveness -  Increase security assessment scope and frequency, Optimize headcount and consulting resources. Practice process excellence- Conduct documented, repeatable security assessments, Validate security using established best practices. CORE Security helps more than 1,400 customers worldwide preempt critical security threats throughout their IT environments, and communicate related risk to the business. Our patented, proven, award-winning enterprise solutions are backed by more than 15 years of applied expertise from CoreLabs, the company’s innovative security research center. || www.coresecurity.com.
+
|{{MemberLinksv2|link=https://www.ipswitch.com/|logo=Ipswitch_logo.png}} ||Ipswitch is an IT management software developer for small and medium-sized businesses. The company was founded in 1991 and is headquartered in Burlington, Massachusetts and has operations in Atlanta (Alpharetta) and Augusta, Georgia, American Fork, Utah, Madison, Wisconsin and Galway, Ireland. Ipswitch sells its products directly, as well as through distributors, resellers, and OEMs in the United States, Canada, Latin America, Europe, and the Pacific Rim. ||https://www.ipswitch.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.dbappsecurity.com|logo=Dbapp_logo.jpg}} || ||DBAPPSecurity, Inc. OWASP global partner. A well known company focused on WEB Application security and Data security. They have hundreds of customers including many fortune 500, which cover the field like Financial, Telecom, Energy, Government etc. The products include WEB application vulnerability scanner, Database vulnerability scanner, WEB application firewall, Database Auditor and Log Auditor. They have very competitive solution for Data leakage, WEB defense, Compliance, and Cloud security. They also have well known security research team. || www.DBAppSecurity.com
+
|{{MemberLinksv2|link=www.iriusrisk.com|logo=Logo_irius_150_45.png}} ||IriusRisk makes DevSecOps a reality with its pioneering threat modeling and SDL risk management platform. IriusRisk is a powerful tool to ensure security is woven into the design phase and followed up into production. It operates as a central orchestration point for teams to threat model and manage risk with real-time updates throughout the SDL. Built for integration, simplicity, scale, and speed, IriusRisk is the glue to bind Security, Operations & Development together. IriusRisk is a trusted partner of some of the largest financial institutions in the world and we pride ourselves on being fast to adapt, agile, flexible, responsive and ahead of the curve. IriusRisk operates globally and stands ready to partner with you. Contact us for more information and to request a demo. || www.iriusrisk.com
 
|-
 
|-
| {{MemberLinks|link=http://www.denimgroup.com|logo=Denim_Group_Logo.gif}} || ||Denim Group is a custom software development firm skilled in large-scale development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure software development, testing and training capabilities that protect a company’s biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company's leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company's by Inc. Magazine several years in a row, and has won multiple awards including its recent accolades as one of the best places to work in San Antonio.||www.denimgroup.com
+
| {{MemberLinksv2|link=http://www.johnsoncontrols.com/content/us/en/products/building_efficiency/product-security.html|logo=Johnson_Controls.jpg}} ||Johnson Controls is a global diversified technology and industrial leader serving customers in more than 150 countries. Our 130,000 employees create quality products, services, and solutions to optimize energy and operational efficiencies of buildings; lead-acid automotive batteries and advanced batteries for hybrid and electric vehicles; and seating components and systems for automobiles. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. Through our growth strategies and by increasing market share we are committed to delivering value to shareholders and making our customers successful. In 2015, Corporate Responsibility Magazine recognized Johnson Controls as the #14 company in its annual “100 Best Corporate Citizens” list.||http://www.johnsoncontrols.com/content/us/en/products/building_efficiency/product-security.html
 
|-
 
|-
| {{MemberLinks|link=http://www.ddifrontline.com|logo=DDI Logo 150x45.GIF}} || ||Founded in 1999, Digital Defense, Inc. (DDI) is the premier provider of managed security risk assessment solutions protecting billions in assets for small businesses to Fortune companies in over 65 countries. DDI’s dedicated team of experts helps organizations establish a culture of security through regular information security assessments, awareness education and Decisive Security Intelligence. This proven method bolsters the capability of organizations to reduce risk and keep information, intellectual property and reputations secure. The combination of DDI’s certified Security Analysts, patent-pending scanning technology and proprietary cloud-based vulnerability management system, Frontline™ Solutions Platform, delivers the most powerful assessment results and remediation management solutions possible. ||www.ddifrontline.com
+
| {{MemberLinksv2|link=https://jscrambler.com/en/|logo=Jscrambler-logo.jpg}} ||Jscrambler is the leader in JavaScript Application Integrity and the only to offer RASP capabilities to your JS applications.As JavaScript becomes the standard for building websites, hybrid mobile applications, or other application types, most of the code is still completely exposed. With Jscrambler you can make your application self-defensive and resilient to both tampering and reverse-engineering attempts. Jscrambler is trusted by hundreds of companies (including Fortune 500) around more than 130 countries and is supported by a team of JS experts. ||https://jscrambler.com/en/
 
|-
 
|-
| {{MemberLinks|link=http://www.dreamlab.net|logo=DreamLab.jpg‎}} || ||Dreamlab Technologies AG Dreamlab Technologies is a leading company in developing and implementing individual solutions for integral security concerning your information, your organizations and your systems. Being a per­formance oriented and reliable partner, we ad­vise you independently and neutrally, we work ob­jectively verifiable, based on open standards, and we pass on our knowledge in an integral and in­tegrable way. Integral security stands for security as an overall package. For example, besides IT it also contains processes, ways of communication and structural measures. Integral information security is an important prerequisite in order to responsibly lead an or­ganization. ||www.dreamlab.net
+
|{{MemberLinksv2|link=https://www.kennasecurity.com/|logo=Kenna_Security_Logo.png}} ||Kenna Security provides a Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna accomplishes this by automating the integration of customer’s vulnerability scan data with exploit intelligence data from multiple sources, including 0-day data. Kenna then analyzes the data against active Internet breaches to identify the most critical threats before hackers can attack. 
 +
||https://www.kennasecurity.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.ey.com|logo=Ernst_&_Young_Logo_Resized.png‎}} || || ||www.ey.com
+
| {{MemberLinksv2|link=https://www.kiuwan.com/|logo=Kiuwan_Logo_150x45.png}} ||Kiuwan provides an end-to-end Software Analytics platform that offers objective data to make informed decisions to secure, analyze and control the entire SDLC of any application portfolio. With Kiuwan Code Security, the scope in threat mitigation is unparalleled, with over 4000+ custom rules, ability to suppress defects and create tailored action plans while meeting the most stringent industry standard requirements. In constant evolution, it boasts broad language support and integration with Jira, Jenkins, and Github to name but a few of the possibilities brought about by the platform. ||https://www.kiuwan.com/
 
|-
 
|-
| [{{MemberLinks|link=http://www.fico.com|logo=FICO-logo-108px.gif‎}} || ||FICO (NYSE:FICO) delivers superior predictive analytics solutions that drive smarter decisions. The company's groundbreaking use of mathematics to predict consumer behavior has transformed entire industries and revolutionized the way risk is managed and products are marketed. FICO's innovative solutions include the FICO® Score — the standard measure of consumer credit risk in the United States — along with industry-leading solutions for managing credit accounts, identifying and minimizing the impact of fraud, and customizing consumer offers with pinpoint accuracy. Most of the world's top banks, as well as leading insurers, retailers, pharmaceutical businesses and government agencies rely on FICO solutions to accelerate growth, control risk, boost profits and meet regulatory and competitive demands. FICO also helps millions of individuals manage their personal credit health through www.myFICO.com. Founded in 1956, FICO introduced analytic solutions such as credit scoring that have made credit more widely available, not just in the United States but around the world. We have pioneered the development and application of critical technologies behind decision management. These include predictive analytics, business rules management and optimization. We use these technologies to help businesses improve the precision, consistency and agility of their complex, high–volume decisions. ||www.fico.com
+
| {{MemberLinksv2|link=http://mediatrust.com/|logo=TMT_Horiz_ShieldLogo_RGBGradient-Tagline_-_Edited.png}} || ‎The Media Trust is on a mission: fixing the internet. To make the internet a healthier, more valuable place for businesses, governments and consumers, The Media Trust’s centralized platform provides real-time visibility and insight into non-compliant activity and threats operating in enterprise website and mobile app environments. With an emphasis on third-party code beyond libraries, the platform identifies all executing code (including code from first, third and nth parties), analyzes its behavior, assesses compliance with company policies, and resolves violating behavior. The ability to manage third-party digital risk helps defend against website breaches which can lead to regulatory fines, revenue loss, and reputational harm. ||http://mediatrust.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.fishnetsecurity.com|logo=Fishnet_Logo_AppSec.jpg}} || ||FishNet Security is the No. 1 provider of information security solutions that combine technology, services, support, and training.  We are the only nationally focused information security solutions provider with a full suite of professional services in Information Assurance, Security Integration, 24x7 Support, Managed Services,  and Training. Since 1996, we have been providing our clients with solutions to help them effectively manage risk, meet compliance requirements, and reduce cost, while maximizing security effectiveness and operational efficiency.Our commitment to information security excellence is unparalleled. We distinguish ourselves with the most comprehensive offering available in the market and a track record of delivering quality solutions to over 5,000 clients nationwide, FORTUNE 500 companies and global institutions alike. We serve customers in various industries, such as financial services, healthcare, government, retail, and technology.FishNet Security provides consulting services in a broad base of relevant information security domains. We have mature and established consulting practices that focus on the following: PCI Compliance, Governance, Risk, and Compliance, Incident Management, Security Assessment, Application Security, Network Security, Data Security and Privacy, Enterprise Mobility, and Identity and Access Management. Our Professional Services team is powered by experienced consultants that possess numerous certification designations, including CISSP, CISM, CISA, ISO Lead Auditor, PCI QSA, PCI PAQSA, NSA-IAM, and countless product-focused certifications. We actively grow, recruit, and retain the industry’s best security talent. We differentiate our services by providing security solutions that combine business acumen, technical expertise, real-world experience, and outstanding customer service. Our thought leadership is greatly valued by the security community and frequently featured in many publications and national conferences. Our company has experienced tremendous growth in the last few years and we expect to continue growing at that same pace. We will remain at the forefront in providing security solutions to our customers and enabling them to conduct their business successfully and securely. ||www.fishnetsecurity.com
+
|{{MemberLinksv2|link=https://about.mercari.com/en/|logo=Mercari_service_primary_horizontal_(1).png}} ||Mercari is a C2C marketplace app that makes it easy for people to safely sell and ship their things. Launched in 2013, it's now among the largest peer-to-peer selling platforms globally. From fashion to toys, shoes to electronics and beyond, Mercari's mission is to ‘create value in a global marketplace where anyone can buy and sell’. ||https://about.mercari.com/en/
 
|-
 
|-
| {{MemberLinks|link=http://www.gemalto.com|logo=Gemalto brand.jpg}} || ||About Gemalto: the world leader in digital security In an increasingly connected society, Gemalto is the leader in making digital interactions secure and easy Gemalto is at the heart of our evolving digital society. Billions of people worldwide increasingly want the freedom to communicate, travel, shop, bank, entertain and work – anytime, anywhere – in ways that are convenient, enjoyable and secure. We deliver on their expanding needs for personal mobile  services, identity protection, payment security, authenticated online services, cloud computing access, modern transportation, M2M communication, eHealthcare and eGovernment services.Our expertise spans the entire process for creating digital security solutions that embed the trust of our clients and their customers. We develop secure operating systems and run them on trusted devices – like UICC and smart cards, banking cards, ePassports, eID cards, tokens and other devices – which we assemble and personalize. We deploy the software for managing these, and the services they enable, throughout their life-cycle. And we innovate so our clients can offer more ways of enhancing the convenience and security of their end-users’ digital lives.|| www.gemalto.com
+
| {{MemberLinksv2|link=http://www.netspi.com|logo=NETSPI_Logo_2017_PNG-01.png|size=150x45px}} ||NetSPI is a privately held information-security consulting company founded in 2001. By using its consulting team's deep security knowledge and its CorrelatedVM vulnerability management & reporting solution, the company is a trusted advisor to large enterprises. NetSPI provides a range of assessment and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. Clients include large financial services firms, retailers, healthcare organizations and technology companies. ||http://www.netspi.com
 
|-
 
|-
| {{MemberLinks|link=http://www.gdssecurity.com|logo=GDS_LOGO_SMALL.jpg}} || ||Gotham Digital Science (GDS) is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management. GDS clients number among the largest financial services institutions and software development companies in the world. GDS security specialists work with clients to assess risk and then design, build, and maintain secure applications, networks, and processes. With offices located in New York City and London, GDS seamlessly and efficiently assists clients with operations on both sides of the Atlantic. GDS is a member of CREST, the Council of Registered Ethical Security Testers, as well as a member of the UK Government CHECK scheme, allowing GDS to provide security assurance services to Her Majesty's Government and UK Critical National Infrastructure on systems processing protectively marked information. ||www.gdssecurity.com
+
|{{MemberLinksv2|link=https://www.nowsecure.com/|logo=NowSecure150x45.png}} ||Only the NowSecure Platform delivers automated 360-degree coverage of mobile app security testing with the speed and depth modern enterprises require. The world’s most demanding organizations and advanced security teams trust NowSecure to identify the broadest array of security, privacy, and compliance gaps in custom, third-party, and business-critical mobile apps. ||https://www.nowsecure.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.imperva.com|logo=Imperva_2color_RGB.jpg}} || || ||www.imperva.com
+
| {{MemberLinksv2|link=https://www.oneconsult.com/en/|logo=Oneconsult_2018_logo.png|size=150x45px}}||Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1500+ completed [https://www.google.com/url?hl=en&q=https://www.oneconsult.com/en/references/&source=gmail&ust=1518265556865000&usg=AFQjCNGmU2gOkH7NZzNBJMr-Fa6VUzw5NQ security projects] worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 35+ highly [https://www.oneconsult.com/en/team/ qualified cyber security experts], including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like [https://www.google.com/url?hl=en&q=https://www.oneconsult.com/en/penetration-test-en/&source=gmail&ust=1518265556866000&usg=AFQjCNHi0GC7EXHERYWB4vQF3qRgnoPMbg penetration tests / ethical hacking, real-life APT tests] and [https://www.oneconsult.com/en/iso-27001-security-audit/ ISO 27001 security audits]. In case of emergency, One consults [https://www.oneconsult.com/en/incident-response-it-forensics/ incident response & IT forensics] team supports you with around-the-clock expert assistance (24 h x 365 days).||English: https://www.oneconsult.com/en/
 +
Deutsch: https://www.oneconsult.com/de/
 
|-
 
|-
| {{MemberLinks|link=http://www.informationbuilders.com|logo=IBI_Logo.jpg}} || || ||www.informationbuilders.com
+
| {{MemberLinksv2|https://www.oracle.com/index.html|logo=Oracle_Logo_150_30.jpg}}||   ||https://www.oracle.com/index.html
 
|-
 
|-
| {{MemberLinks|link=http://www.ioactive.com|logo=IOA_logo_300-Transparent.jpg}} || ||IOActive Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, game, hardware, retail, financial, media, router, travel, aerospace, healthcare, high-tech, social networking, and software development organizations. As a home for highly skilled and experienced computer security professionals, IOActive attracts consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as BlackHat, Defcon, BlueHat, CanSec, Syscan, WhatTheHack, and 21c3. || www.ioactive.com
+
|{{MemberLinksv2|link= https://www.oxfordwebapps.co.uk/|logo=Oxfordwebapps-owasp-logo.png}} ||Since 1995 we have always developed the most up-to-date and progressive digital solutions designed to empower people. Our mission is to deploy the latest proven technology to deliver unique products with astounding performance. Our Oxford based team are responsible for delivering our full range of services which includes the design, development, hosting, supporting and testing of interactive Web Applications and websites.||https://www.oxfordwebapps.co.uk/
 
|-
 
|-
| {{MemberLinks|link=http://www.isc2.org|logo=ISC2 main logo-small.jpg}} || ||(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with over 87,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the CISSPÒ and related concentrations, CSSLPÒ, CAPÒ, and SSCPÒ credentials to qualifying candidates. More information is available at www.isc2.org ||www.isc2.org
+
|{{MemberLinksv2|link=https://www.panasonic.com/|logo=Panasonic_Logo.jpg}} ||100 years ago, Panasonic started with a desire to create things with value. Since then, the challenge has continued into various fields including home appliances to realize "A Better Life, A Better World".  
 +
Considering product security as part of quality management, we have strived to improve the security of products. Specific activities include threat analysis during the design process, and vulnerability testing before shipment. After shipment, Panasonic PSIRT: Product Security Incident Response Team works to respond to incidents toward a quick resolution.  
 +
To provide products that our customers can use with peace of mind, we will continue product security initiatives.
 +
||https://www.panasonic.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.mnemonic.no|logo=Mnemonic_securing_150.png}} || ||mnemonic is the leading independent provider of IT security professional services and 24x7 managed security services in the Nordics. We deliver a full range of integrated IT security services enabling all types of enterprise to protect their business including 7 of the top 10 companies in Norway. Our customers trust us to protect their assets because our scale, expertise, flexibility and agility allow us to meet their differing security requirements. mnemonic has around 110 staff, about 80 of whom are graduate-level consultants. The company was founded in 2000 and has offices in Oslo (HQ), Stavanger and Stockholm. Our business model is based on three Professional Services practices and a Managed Security Services division. With these four areas we offer services for the entire information security lifecycle from definition of security policy to security control design, implementation, support and operation. In addition, our Threat Intelligence team studies the evolution of advanced threats across the Nordic region so that we can keep our customers' businesses safe from attack. We complement these services by having partnerships with class-leading manufacturers of security technology allowing us to deliver complete solutions ||www.mnemonic.no
+
|{{MemberLinksv2|link=http://tech.pingan.com/en/|logo=PingAn_Logo.png}} ||Ping An Technology (PATech), a wholly-owned subsidiary of Ping An Group, is committed to using AI, intelligent cognition, blockchain, cloud and other cutting-edge technologies to create a new cloud-based human life. PATech is the high-tech core and tech business incubator among Ping An Group, and be responsible for the development and operation of the critical platforms and services for the Group.  As an independent entity, with smart technology as a means and smart manufacturing as a blueprint, PATech focuses on the finance, healthcare and smart city areas, applies the technological capabilities certified by international authoritative certifications to actual business scenarios. || http://tech.pingan.com/en/
 
|-
 
|-
| {{MemberLinks|link=http://www.mozilla.com|logo=Mozilla.png}} || || ||www.mozilla.com
+
| {{MemberLinksv2|link=http://www.rakuten.com|logo=Rakuten-Global-150x45_72dpi.JPG}} ||Rakuten, Inc. and its consolidated subsidiaries and affiliates ("Rakuten Group") are full-line Internet services companies. Since its founding in 1997, Rakuten, Inc. ("Rakuten") has spent a decade evolving its business model centered on e-commerce, to create a market completely new to Japan. The Rakuten Group is focusing on two approaches, in particular, to target growth in the decade to come. The first is to empower people and society through continuous innovation and business operations based on our five concepts of success. The second is to establish a "Rakuten eco-system" which enables us to maximize our customers lifetime value and leverage synergies. Guided by the key phrase "more than Web", the Rakuten Group is taking on the challenge of creating new value by driving convergence between the Internet and traditional "bricks and mortar" businesses. ||http://www.rakuten.com
 +
|-
 +
| {{MemberLinksv2|link=https://salt.security/ |logo=Salt_Logo@4x_-_Edited.png}} || Salt Security makes it safe to innovate by protecting the APIs at the core of every SaaS, web, mobile, microservices and IoT application. Our API Protection Platform is deployed in minutes, and requires no configuration or customization. We use patented behavioral protection to automatically and continuously discover and learn the granular behavior of each unique API to ensure protection. The company was founded in 2016 by alumni of the Israeli Defense Forces (IDF) and serial cybersecurity executives. In 2019 Salt Security was selected as a finalist for the RSA Innovation Sandbox and as the winner of the OWASP Innovation Fair. ||https://salt.security/
 
|-
 
|-
| {{MemberLinks|link=http://www.netspi.com|logo=Netspi_logo.png}} || ||NetSPI is a privately held information-security consulting company founded in 2001. By using its consulting team's deep security knowledge and its CorrelatedVM vulnerability management & reporting solution, the company is a trusted advisor to large enterprises. NetSPI provides a range of assessment and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. Clients include large financial services firms, retailers, healthcare organizations and technology companies. || www.netspi.com
+
| {{MemberLinksv2|link=http://www.scsk.jp/index_en.html|logo=SCSK_Logo.jpg}} || SCSK provides a full lineup of services to support any area of IT solution required for businesses from system integration to IT infrastructure implementation, IT management, BPO(business process outsourcing), and IT hardware and software sales.In addition, we take advantage of the capability to support a global IT system network for customers including Sumitomo Corporation, aiming for further leaps ahead as a global IT services company. ||http://www.scsk.jp/index_en.html
 
|-
 
|-
| {{MemberLinks|link=http://www.nixu.com|logo=NIXU C12.jpg}} || ||We are Nordic’s largest specialist company in information security consulting. Nixu advises, builds, develops and inspects its customers’ information security capabilities as an independent advisor. Our goal is to ensure the continuity of our customer’s business and internet services by anticipating and preventing information security-related risks. We employ over 100 experienced information security consultants, technical experts and software developers, who form Nordics’ leading cluster of information security expertise. Over 20 years of information security and network experience ensure that Nixu is a trusted advisor for many large corporations and public sector organizations. || www.nixu.com
+
|{{MemberLinksv2|link=https://www.securebrain.co.jp/eng/|logo=SBC_Hitachi_Group1_-_Edited.png}} ||SecureBrain (A Hitachi Group Company) is a leader in providing software and services to help protect enterprises and their customers against cybercrime including online fraud and malware attacks.
 +
To ensure that our customers are always protected from the latest trend of cybercrime, SecureBrain has its own advanced security research center. Team of security researchers works closely with many Japanese government research agencies to research and develop solutions against the latest cyber threats.  
 +
||https://www.securebrain.co.jp/eng/
 
|-
 
|-
| {{MemberLinks|link=http://www.nokia.com|logo=Nokia.jpg}} || || ||www.nokia.com
+
|{{MemberLinksv2|link=https://www.securityjourney.com/|logo=Security_journeylogo_(1).png}}||Security Journey is the leader in application security education using security belt programs. We guide our clients – many in tech, healthcare, and finance – to building long-term, sustainable application security culture. We incorporate everything you need to deploy and manage an education program.
 +
Our cloud-based platform delivers application security lessons from an ever-growing library of content, provides hands-on, immersive experiments, measures student and organizational growth, rewards student achievements, and transforms an enterprise’s security culture.
 +
We promote security awareness organization-wide with learning that is engaging, motivating, and fun. In short, we provide security education developers, testers, and managers love. 
 +
||https://www.securityjourney.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.ntobjectives.com|logo=NT_Objectibves_Logo_Resized.png}} ||August 2012 ||NT OBJECTives (NTO) provides highly automated, comprehensive and accurate web application security software, services and SaaS. By dedicating more than 10 years to solving the most difficult application security challenges through automation, NTO’s software, SaaS and services solutions enable organizations to maximize both efficiency and effectiveness of their web application security programs. NTO customers appreciate NTO’s dedication, rapid response and personal service. NT OBJECTIVES is privately held with headquarters in Irvine, CA. Follow us on Twitter @ntobjectives. ||www.ntobjectives.com
+
|{{MemberLinksv2|link=https://securecodewarrior.com/|logo=Scw_white_v_(3).png}} ||Secure Code Warrior is a global security company that makes software development better and more secure. Our vision is to empower developers to be the first line of defense in their organization by making security highly visible and providing them with the skills and tools to write secure code from the beginning. We have built a powerful platform that moves the focus from reaction to prevention, training and equipping developers to think and act with a security mindset as they build and verify their skills, gain real-time advice and monitor skill development. Our customers include financial institutions, telecommunications providers and global technology companies in Europe, North America and the Asia Pacific. To learn more, visit https://securecodewarrior.com<nowiki/>.||https://securecodewarrior.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.oracle.com/us/support/assurance/index.html|logo=Oracle_logo.gif}} || ||Oracle With more than 380,000 customers—including 100 of the Fortune 100—and with deployments across a wide variety of industries in more than 145 countries around the globe, Oracle offers an optimized and fully integrated stack of business hardware and software systems that helps organizations overcome complexity and unleash innovationOracle engineers hardware and software to work together in the cloud and in your data center–from servers and storage, to database and middleware, through applications. Security is a key priority at Oracle. Encompassing every phase of the product development lifecycle, Oracle Software Security Assurance is Oracle's methodology for building security into the design, build, testing, and maintenance of its products. Oracle's goal is to ensure that Oracle's products, as well as the customer systems that leverage those products, remain as secure as possible. || www.oracle.com
+
| |{{MemberLinksv2|link=http://www.securitycompass.com/|logo=Securitycompass-stacked_(1).jpg}} ||Security Compass is a leader in helping customers proactively manage cybersecurity risk without slowing down their business.  Offering Advisory Services, Training, and SD Elements, an award-winning policy to procedure platform for security and compliance.  Security Compass enables organizations to rapidly and efficiently deliver technology that's secure by design. Security Compass serves some of the world's largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America.  
 +
||http://www.securitycompass.com
 
|-
 
|-
| {{MemberLinks|link=http://www.pentasecurity.com/english/|logo=Pentasecurity_ci.png}} || ||Penta Security Systems Inc. is focused on providing end-to-end security solutions. Founded in 1997, Penta Security has been Korea’s leading IT security vendor for the past five years. As one of South Korea’s earliest IT security pioneers and developers, we remain committed to enhancing data and web security not just within Korea, but also worldwide.Penta Security currently offers multiple security products: a data encryption and access control suite (D’Amo), a Single-Sign-On platform (ISign Plus), a key management solution, and both a hardware and virtual web application firewall (WAPPLES). Some of Penta’s clients include household names such as Samsung, LG, Nikon, and Meritz. Penta Security Systems operates from its headquarters in Seoul, South Korea--with a branch office in Tokyo, Japan and various partnerships throughout Southeast Asia. ||www.pentasecurity.com
+
| {{MemberLinksv2|link=https://securityinnovation.com|logo=Security_Innovation.png}} || Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, [https://www.securityinnovation.com/training/cmd-ctrl-cyber-range-security-training/ CMD+CTRL Cyber Range], is the industry’s only simulated Web site environment designed to build the skills teams need to protect the enterprise where it is most vulnerable – at the application layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit [https://www.securityinnovation.com/ www.securityinnovation.com] or connect with us on [https://www.linkedin.com/company/security-innovation/ LinkedIn] or [https://twitter.com/secinnovation Twitter].
 +
||https://securityinnovation.com
 
|-
 
|-
| {{MemberLinks|link=http://www.praetorian.com|logo=Praetorian_Logo_150x45.png}} || ||Praetorian is an information security provider and research center that provides risk assessment, penetration testing, secure software development, computer forensics, and security education services. Our mission is to help our clients understand and minimize their overall risk and liability. Through our assessment services, your organization can obtain an accurate, independent security evaluation. Through our advisory offerings, we can help your organization build, define, communicate, and enforce a comprehensive security strategy. As an independent security firm, Praetorian builds its reputation on our expertise, integrity, professionalism, and client satisfaction. As a boutique firm, Praetorian must distinguish itself by the quality of its service and the technical prowess and business acumen of its consultants. Subsequently, Praetorian only considers the top five percent from the security industry for employment. Our consultants come from a wide range of backgrounds and specialties. All consultants come from a computer science or engineering discipline and many consultants have obtained masters and doctorates. Our team members include published authors, open source developers, industry researchers, and conference presenters. || www.praetorian.com
+
| {{MemberLinksv2|link=https://blog.shiftleft.io/|logo=ShiftLeft.png}} ||ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code- informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. || https://blog.shiftleft.io/
 
|-
 
|-
| {{MemberLinks|link=http://www.protiviti.com|logo=Protiviti.jpg}} || ||Protiviti is a global business consulting and risk consulting firm composed of experts specializing in risk, advisory and transaction services. The firm helps solve problems in finance and transactions, operations, technology, information security & privacy, litigation, governance, risk, and compliance. Protiviti's highly trained, results-oriented professionals provide a unique perspective on a wide range of critical business issues for clients in the Americas, Asia-Pacific, Europe and the Middle East. Protiviti has more than 70 locations worldwide and is a wholly owned subsidiary of Robert Half International Inc. (NYSE: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index. For additional information about Protiviti, Contact Rocco Grillo at rocco.[email protected] / 212.603.8381 || www.protiviti.com
+
| {{MemberLinksv2|link=http://www.sonatype.com|logo=Son_logo_main_vertical2x_-_Edited.png}} ||There are a staggering volume and variety of open source and third-party component parts flowing through every development environment in the world. If properly sourced and managed, these components are a tremendous source of energy for accelerating innovation. If not, they lead directly to security vulnerabilities, licensing risks, enormous rework, and waste. With over 120,000 installations and counting, Sonatype’s Nexus products are helping modern development organizations intelligently source, manage, assemble, and maintain open-source and third-party components, so they can improve the quality, security, and speed of their software supply chains.|| http://www.sonatype.com
 
|-
 
|-
| {{MemberLinks|link=http://www.pwc.com|logo=PWC_log_resized.png}} || || ||www.pwc.com
+
| {{MemberLinksv2|link=https://www.stackhawk.com/|logo=Stackhawk_long1x.jpg}} ||StackHawk is dynamic application vulnerability scanning built for modern development teams. With simple configuration, easy invocation via docker command, and interpretable results, StackHawk is built for developers to take control of their AppSec. Learn more at docs.stackhawk.com. ||https://www.stackhawk.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.qualys.com|logo=Qualys_Logo.gif}} || ||Qualys, Inc. is the pioneer and leading provider of information security and compliance cloud solutions with 5,500+ customers in 85 countries, including 51 of the Forbes Global 100. The QualysGuard Cloud Platform and integrated suite of applications helps businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). || www.qualys.com
+
| {{MemberLinksv2|link=https://snyk.io|logo=Copy_of_Snyk_Logo.png}}||Snyk is a developer-first security solution that helps you use open source code and stay secure. Building on its unique vulnerability database, Snyk continuously finds and fixes known vulnerabilities & license violations in open source dependencies and containers. Snyk integrates seamlessly into the developers’ workflow and enables them to own the open source security of their code thus supporting security at scale.||https://snyk.io/
 
|-
 
|-
| {{MemberLinks|link=http://www.quotium.com|logo=LogoQuotium.png}} || || ||
+
|{{MemberLinksv2|link=https://developer.springcm.com/|logo=SpringCM_Logo.png}} ||SpringCM delivers an innovative document workflow and management platform, powering the leading contract management application. SpringCM empowers companies to become more productive by reducing the time spent managing mission-critical business documents. Intelligent, automated workflows enable document collaboration across an organization from any desktop or mobile device. Delivered through a secure cloud platform, SpringCM’s document and contract management solutions work seamlessly with Salesforce or as a standalone solution. Every day, more than 600 companies use SpringCM to improve customer experience and get more done, faster. For more information about SpringCM, visit [http://www.springcm.com www.springcm.com]. ||https://developer.springcm.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.rackspace.com|logo=Rackspace_logo.png}} || || ||
+
| {{MemberLinksv2|link=https://www.symantec.com/https://www.symantec.com/|logo=NI-SYM_Horiz_web150x40.jpg}} ||Symantec Corporation (NASDAQ: SYMC), the world’s leading cybersecurity company, helps organizations, governments, and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud, and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For more information, please visit www.symantec.com. ||https://www.symantec.com
 
|-
 
|-
| {{MemberLinks|link=http://www.rakuten.com|logo=Rakuten-Global-150x45_72dpi.JPG}} || || ||
+
| {{MemberLinksv2|link=https://www.synopsys.com/|logo=Synopsys_Logo.jpg}} || Synopsys technology is at the heart of innovations that are changing the way we live and work. The Internet of Things. Autonomous cars. Wearables. Smart medical devices. Secure financial services. Machine learning and computer vision. These breakthroughs are ushering in the era of Smart, Secure Everything―where devices are getting smarter, everything’s connected, and everything must be secure. Powering this new era of technology are advanced silicon chips, which are made even smarter by the remarkable software that drives them. Synopsys is at the forefront of Smart, Secure Everything with the world’s most advanced tools for silicon chip design, verification, IP integration, and application security testing. Our technology helps customers innovate from Silicon to Software, so they can deliver Smart, Secure Everything. ||https://www.synopsys.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.salesforce.com|logo=Salesforce.jpg}} || || ||
+
|{{MemberLinksv2|link=https://www.tcell.io/|logo=TCell.io_logo.png}} ||tCell moves application security out of the network for cloud-first organizations. Using advanced runtime application self-protection technology, tCell protects applications in-production from XSS, Commandi, SQLi, Account Takeover, and OWASP Top 10 attacks. Whether an organizations’ applications are on-premises or cloud-based, tCell's unique approach makes application security easy.
 +
||https://www.tcell.io/
 
|-
 
|-
| {{MemberLinks|link=http://www.scs.co.jp/sys/|logo=Sys_scsk_logo_banner_3.jpg}} ||Dec 2012 ||Japan-based global IT service company, SCSK supplies the whole range of IT solutions, system integration to IT infrastructure implementation, IT management, BPO, IT hardware and software sales.Particularly in security field, SCSK offers full-line Web security solution which is prompt and accurate provision against up-to-date cyber attack with a service brand, “SECURE YOUR SITE ™”. On a mission to contribute to enterprises’ business, SCSK assures the safety of IT system with security-oriented consulting, system design, application development, security system implementation, operation and monitoring. SCSK SOC and CSIRT team strongly support enterprises’ stability on a 24/7 basis. ||www.scs.co.jp/sys/
+
|{{MemberLinksv2|link=http://www.thoughtworks.com|logo=ThoughtWorks Logo.png|size=150x45px}} ||We are a software company and community of passionate, purpose-led individuals. We think disruptively to deliver technology that addresses our clients’ toughest challenges, all while seeking to revolutionize the IT industry and create positive social change. ThoughtWorks' 3,000 professionals serve clients from offices in Australia, Brazil, Canada, China, Ecuador, Germany, India, Italy, Singapore, South Africa, Turkey, Uganda, the United Kingdom, and the United States.  ThoughtWorks releases a regular technology radar, a study that looks at the key trends that impact software development and business strategies. The Radar helps companies stay on top of topics that are constantly evolving, such as security, and offers insight and practical tools to build secure systems at every stage of the development process. ||http://www.thoughtworks.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.securityinnovation.com|logo=Securityinnovation.png‎}} || ||Security Innovation focuses on the most difficult problem of IT security, and the root cause of most data breaches – insecure software applications. For more than a decade, we have helped organizations like Microsoft, ING, GoDaddy.com, Progress Energy, Nike and others build internal expertise, uncover critical vulnerabilities, and integrate security into their software development lifecycle (SDLC).  The company's Application Security Risk solutions are based on the three pillars of a secure Software Development Lifecycle (SDLC), which feed into one another to create an ecosystem of repeatable, secure software development and deployment: Standards, Education, and Assessment.  Standards drive the need for education and continued assessments; Education ensures standards and assessments are applied correctly; and, Assessment results drive standards, education and improved tools usage. We deliver these solutions via our TeamMentor product, “out of the box” secure development best practices; our TeamProfessor product, over 100 hours of computer-based training; and our Professional Services which assess software applications & SDLC against industry standards. ||www.securityinnovation.com
+
| {{MemberLinksv2|link=https://www.twistlock.com/|logo=Twistlock_2017_Logo-Lockup_TM_RGB_copy.jpg}} ||Twistlock is the most complete, automated and scalable cloud native cybersecurity platform. Trusted by hundreds of customers worldwide, Twistlock uses the strengths of cloud native to provide better security for teams using Docker, Kubernetes, Lambda, Fargate, and other modern technologies. ||https://www.twistlock.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.seekersec.com|logo=55X80_seeker.PNG}} || || ||www.seekersec.com
+
|{{MemberLinksv2|link=https://vex.ubsecure.jp/lpen||logo=Ubsecure-logo.png}} ||UBsecure is a leading web application security company based in Japan since 2007. We offer various security solutions for web application and smartphone application by utilizing in-house developed application security testing tool, Vex. Vex built by a tremendous amount of experience in professional security scanning and by its continuous feedback. The unique characteristic of the tool is that it used as a stand-alone security testing tool as well as the seamless security testing component within the SDLC. Therefore, Vex is not only for professional security auditors but also for software developers who need secure development cycles. Please visit our site for more information about Vex.||https://vex.ubsecure.jp/lpen
 
|-
 
|-
| {{MemberLinks|link=http://www.symantec.com|logo=Symantec.png}} || ||Symantec was founded in 1982 by visionary computer scientists. The company has evolved to become one of the world’s largest software companies with more than 18,500 employees in more than 50 countries. We provide security, storage and systems management solutions to help our customers – from consumers and small businesses to the largest global organizations – secure and manage their information-driven world against more risks at more points, more completely and efficiently than any other company. || www.symantc.com/about/profile
+
|{{MemberLinksv2|link=https://www.ups.com/us/en/Home.page|logo=UPS.jpg}} || ||https://www.ups.com/us/en/Home.page
 
|-
 
|-
| {{MemberLinks|link=http://www.tenablesecurity.com|logo=Tenable_T.png}} || || ||www.tenablesecurity.com
+
|{{MemberLinksv2|link=https://www.veracode.com/|logo=VeraCode_logo.png}} || Veracode gives companies a comprehensive view of security defects so they can create secure software, and ensure the software they are buying or downloading is free of vulnerabilities. As a result, companies using Veracode are free to boldly innovate, explore, discover, and change the world.
 +
||https://www.veracode.com/
 
|-
 
|-
| {{MemberLinks|link=https://www.trustwave.com/application-security.php|logo=SPL-LOGO-SMALL.png‎}} || || Trustwave is a global leader in providing on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world. Trustwave SpiderLabs has helped thousands of businesses and organizations throughout the world secure data, optimize network assets and mitigate the risk of data loss through shortfalls in application security controls. SpiderLabs offer "white hat" or "ethical hacking" services such as penetration testing (application, network, wireless and social engineering) to identify any weaknesses in your current environment that can be exploited by hackers and also offers incident response and forensics services worldwide. Trustwave is headquartered in the United States in Chicago, Ill. with offices throughout Africa, Asia, Australia, Europe, North America and South America || www.trustwave.com
+
|{{MemberLinksv2|link=https://www.verizondigitalmedia.com/platform/edgecast-cdn/security/|logo=Verizon_Digital_Medial_Logo.jpg}} ||Verizon Digital Media Services offers a global, PCI-compliant content delivery network to protect websites, applications and user data at every layer. Integrated with our industry-leading platform, our Cloud Security Solution offers world-class protection, performance and scale to keep your business online. Our network features:
 +
*An advanced Web Application Firewall (WAF) to protect web applications against attacks
 +
*Robust DDoS protection with massive capacity to thwart the largest attacks
 +
*Bot mitigation to defend against automated threats and bad bots
 +
*Added protection for web servers to defend against direct-to-origin attacks
 +
*Built-in DNS protection with DNSSEC to prevent injection of fraudulent records
 +
*A security operations team ready to provide a fully managed security offering<br>
 +
Contact us today to learn more about our Cloud Security Solution or visit us at [http://www.verizondigitalmedia.com www.verizondigitalmedia.com].  
 +
||https://www.verizondigitalmedia.com/platform/edgecast-cdn/security/
 
|-
 
|-
| {{MemberLinks|link=https://www.ups.com/|logo=UPS.jpg}} || || ||www.ups.com
+
|{{MemberLinksv2|link=http://www.waratek.com/|logo=Warateklogo.jpg}} ||The Waratek ARMR Platform provides unique protection in the applications runtime environment. This unique security layer provides fast and accurate security in the compilation pipeline, providing protection that becomes part of your application – but never requires changes to source code.
 +
● Instantly apply code equivalent security patches to Java and .NET applications
 +
● Actively secure against the OWASP Top Ten / SANS 25 / Zero-Day vulnerabilities
 +
● Virtually upgrade & secure out-of-support, vulnerable Java applications.
 +
All with no source code changes or False Positives.
 +
||http://www.waratek.com/
 
|-
 
|-
| {{MemberLinks|link=https://www.veracode.com|logo=VeraCode_Resized.png}} || ||Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the Veracode Blog. ||www.veracode.com
+
|{{MemberLinksv2|link=https://wallarm.com/|logo=Wallarm Logo (1).png|size=150x45px}} || Wallarm delivers automated cloud-native application and API security throughout application development and deployment lifecycle.  
 +
Wallarm AI-powered Application Security Platform includes FAST for CI/CD-integrated security test automation during development and Advanced WAF attack blocking and vulnerability protection after deployment.  
 +
Wallarm platform aligns security and development into a unified pipeline:
 +
# Detects OWASP Top 10, 0 day and behavioral issues     
 +
# Provides highly accurate detection based on patent-pending technology     
 +
# Improves security test coverage by automatically generating and running tests     
 +
# Automates issue management with deep learning, policies and build in active rechecker     
 +
# Provide easy-to-manage multi-tenant multi-application unified management platform
 +
|| https://wallarm.com/
 
|-
 
|-
| {{MemberLinks|link=http://www.visiblerisk.com/|logo=Visible_Risk_Logo_Resized.jpg}} || ||VisibleRisk integrates with your security operations to identify any interesting or suspicious activity within your network. Our goal is to hunt and identify suspicious or malicious activity within your network to help you protect your enterprise and investments. Our expertise allows for maximum flexibility within your unique environment to effectively identify any adversaries that exist in your environment. || www.visiblerisk.com
+
| {{MemberLinksv2|link=https://www.whitehatsec.com/|logo=WhiteHat_2016_Primary_Logo.png}} ||WhiteHat Security is the leader in application security, enabling businesses to protect critical data, ensure compliance, and manage risk. Through a combination of technology, over a decade of intelligence metrics, and the judgment of people, WhiteHat Security provides complete web security at a scale and accuracy unmatched in the industry.||https://www.whitehatsec.com
 
|-
 
|-
| {{MemberLinks|link=https://www.whitehatsec.com/|logo=Whitehat.gif}} || ||WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company’s flagship product family, is the most accurate and cost-effective website vulnerability management solution available, delivering the visibility, flexibility, and control that organizations need to prevent website attacks. ||www.whitehatsec.com
+
|{{MemberLinksv2|link=https://www.whitesourcesoftware.com/|logo=Whitesource_logo.png}} ||WhiteSource helps software security teams manage open source components used in their products, automatically and continuously. It becomes part of your SDLC and automates the entire process of open source components selection, approval, and management, including finding and fixing vulnerable components.
 +
||https://www.whitesourcesoftware.com
 
|-
 
|-
| {{MemberLinks|link=http://www.wireharbor.com/|logo=WireHarbor_Logo_1.png}} ||Sept. 2012 ||WireHarbor Security Inc. (a Delaware Corporation), with its corporate headquarters located in Chicago, IL. is a leading provider of IT risk management solutions to corporations throughout the midwest. Our organization specializes in Application, Mobile and Network security assessment and risk mitigation for a wide range of companies. Our employees are dedicated to building long-term collaboration on your toughest security challenges. We aim to be the trusted partner in your information security success...” ||www.wireharbor.com
 
 
|}
 
|}

Latest revision as of 14:16, 21 November 2019

Disclaimer: Corporate Supporter Bios are not endorsements and reflect the message of the supporter only.

Elite Corporate Members

{{{size}}}       Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America, serving more than 16 million households nationwide. Founded in 1931, Allstate has been dedicated to protecting our customers from life’s uncertainties and preparing them for the future for more than 85 years. As the needs of our customers evolve, so does our technology and security practices to ensure our customers remain in good hands. https://www.allstate.com/
{{{size}}}       Our purpose is to build trust in society and solve important problems. In today's digital world that requires a focus on cybersecurity in order to build a secure digital society. We help clients across society to understand their cybersecurity risk; build and assure their defenses; identify and respond to attacks, and to navigate the complex legal and regulatory environment for cybersecurity. For more information please visit www.pwc.co.uk/cybersecurity http://www.pwc.co.uk/cybersecurity

Premier Corporate Members

Company Company Description Contact
300px90px       Adobe is the global leader in digital marketing and digital media solutions. Our tools and services allow our customers to create groundbreaking digital content, deploy it across media and devices, measure and optimize it over time, and achieve greater business success. We help our customers make, manage, measure, and monetize their content across every channel and screen. http://www.adobe.com/
{{{size}}}       HackerOne (www.hackerone.com) is the #1 hacker-powered security platform, helping organizations receive and resolve critical vulnerabilities before they can be exploited. More than 1,000 organizations, including the U.S. Department of Defense, U.S. General Service Administration, General Motors, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities. HackerOne customers have resolved over 57,000 vulnerabilities and awarded over $22M in bug bounties. HackerOne is headquartered in San Francisco with offices in London and the Netherlands. https://www.hackerone.com/
{{{size}}}       Netsparker develops an industry leading automated web application security scanner. Available as Windows desktop software and as a Cloud service, the Netsparker scanner is very easy to use and its proof-based vulnerability scanning technology enables you to easily and automatically detect SQL Injection, Cross-site scripting and other vulnerabilities in your websites, web applications and web services. Netsparker’s unique scanning, detection and auto exploitation techniques allow it to be dead accurate. Therefore you do not have to waste time manually verifying the scanner’s findings and instead can focus on fixing the identified vulnerabilities. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank. https://www.netsparker.com
{{{size}}}       Qualys is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps - including Web Application Scanning (WAS) - help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence and automating the full spectrum of auditing, compliance, and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). https://www.qualys.com
300px90px       Salesforce is the world’s #1 customer relationship management (CRM) platform. Our cloud-based applications for sales, service, marketing, and more don’t require IT experts to set up or manage — simply log in and start connecting to customers in a whole new way. https://www.salesforce.com/
300px90px       Signal Sciences secures the most important web applications, APIs, and microservices of the world's leading companies. Our next-gen WAF and RASP help you increase security and maintain site reliability without sacrificing velocity, all at the lowest total cost of ownership. Learn how our patented approach can help you. http://www.signalsciences.com

Contributor Corporate Members

Company Company Description Contact
Acunetix logo 200.png       Acunetix’s team of experienced engineers developed a lead in website, web application, and Internet-facing server analysis and vulnerability detection. Available both on-premise and online, Acunetix uses deep crawling techniques to detect exploitable vulnerabilities such as SQL injection, and all forms of Cross-Site scripting – while providing concise vulnerability reports and information on how to fix them allowing you to protect your business against impending hacker attacks. Acunetix customers include Cisco, NASA, American Express, Sony, HSBC, The Pentagon, Skype, and many more. You can find us online at www.acunetix.com. http://www.acunetix.com
{{{size}}}       Altitude Networks tackles data security in the cloud to protect enterprises against unauthorized data access, accidental or malicious sharing to unintended individuals, and data theft. http://www.altitudenetworks.com/
{{{size}}}       Aon’s Cyber Solutions offers holistic cyber security, risk and insurance management, investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.

Cyber security services provided by Stroz Friedberg Limited and its affiliates. Cyber risk services provided by Aon UK Limited and its affiliates

https://aon.com/cyber-solutions
{{{size}}}       Arxan, the global trusted leader of application protection solutions, delivers the confidence to build, deploy, and manage an organization’s most innovative and valuable applications. Currently protecting more than 1 billion application instances across industries including financial services, mobile payments, healthcare, automotive, gaming, and entertainment, the company provides the industry’s most comprehensive application protection solution. Unlike legacy security providers that rely on perimeter-based barriers to keep bad actors out, Arxan protects applications at the source and binary code level to expand the area of trust and provides a broad range of enterprise services and patented security capabilities such as code hardening, obfuscation, encryption, and Whitebox cryptography. Founded in 2001, the company is headquartered in North America with global offices in EMEA and APAC. https://www.arxan.com/
{{{size}}}       Avatao is an online training platform for building secure software. It offers a rich library of hands-on IT security exercises for software engineers to teach secure programming from design to deployment in a fun and intuitive way. Educating for secure software can significantly improve software quality, increase trust in a company’s brand, reduce development costs and reduce the risks of suffering significant losses from cyber-attacks. In today’s world, secure software development practices are a basic requirement and we believe the solution should be integrated into the ground roots of software development teams. The platform can be used to provide security awareness to software engineers, to enrich existing IT security training, meetups or allow self-directed learning for continuous professional development. Avatao hackathons are also an excellent method to discover talented developers and engage and build brand awareness in the community. Avatao is a creation out of CrySyS Lab, world-renowned experts in IT security. Learning communities like business teams use Avatao for an improved and efficient learning experience. Mid-size and large software and financial companies use Avatao’s gamified online training to organize security hackathons, onboard new hires or upskill software developers to build secure software. The Avatao platform was publicly launched in 2016 for end-users and business customers. Initial customers include LogMeIn (US), Prezi (HU), Microsec (HU), Emarsys (HU), Photobox (UK), and many other companies are piloting the platform including Fortune 100 companies. Avatao currently has 5000+ users and 500+ exercises. https://avatao.com/
{{{size}}}       Avi Networks completes enterprises’ digital transformation with its software load balancer, intelligent Web Application Firewall, and modern application services. The Avi Vantage Platform is deployed across data centers and clouds, delivering better elasticity, intelligence, and cost savings by providing granular per-tenant and per-app services. Customers enjoy 5X faster application rollouts, actionable analytics, and 70% lower costs. https://www.avinetworks.com
{{{size}}}       Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to the business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights, and improved communication. Founded in 2008 by industry leaders in risk management with a proven track record in delivering cutting edge, innovative and cost-effective solutions. Brinqa’s award-winning software and cloud services are trusted by fortune 500 companies across risk disciplines such as information technology risk, vendor risk, and regulatory compliance risk. Brinqa is headquartered in Austin, Texas and has a global presence. https://www.brinqa.com/
{{{size}}}       https://www.bugcrowd.com/
{{{size}}}       CA Technologies helps customers succeed in a future where every business—from apparel to energy—is being rewritten by software. From planning to development to management to security, at CA we create software that fuels transformation for companies in the application economy. Learn more at https://www.ca.com/us.html https://www.ca.com/us.html
{{{size}}}       Cequence Security is a venture-backed cybersecurity software company founded in 2015 and based in Sunnyvale, CA. Its mission is to transform application security by consolidating multiple innovative security functions within an open, AI-powered software platform that protects customers web, mobile, and API-based applications – and supports today’s cloud-native, container-based application architectures. The company is led by industry veterans that previously held leadership positions at Palo Alto Networks and Symantec. Customers include F500 organizations across multiple vertical markets, and the solution has earned multiple industry accolades. Learn more at www.cequence.ai. https://www.cequence.ai/
{{{size}}}       Checkmarx is an Application Security software company, whose mission is to provide enterprise organizations with application security testing products and services that empower developers to deliver secure applications. Amongst the company's 1,000 customers are 5 of the world's top 10 software vendors and many Fortune 500 and government organizations. Checkmarx CxSAST is a highly accurate and flexible Source Code Analysis product that allows organizations to automatically scan a un-compiled/un-built code and identify hundreds of security vulnerabilities in the most prevalent coding languages. Learn more at www.checkmarx.com. https://www.checkmarx.com
CodeDx-logo (1) (1).png       Code Dx is committed to reducing barriers to effective application security. Our automated application vulnerability correlation and management tools help find and fix insecure code faster, with less effort and a smaller team. Focus your precious resources on developing valuable new features, and ship secure code faster and more often. For more information, please visit https://codedx.com/ https://codedx.com/
{{{size}}}       Contrast Security delivers the world’s fastest application security software that eliminates the single greatest security risk to enterprises today. Industry research shows that application security flaws are the leading source of data breaches. Contrast can be deployed, automatically discover applications and identify vulnerabilities within seven minutes. Relying on sensors instead of expensive security experts, Contrast runs continuously and is 10 times more accurate than the competition. Unlike tedious, painful and slow legacy approaches, Contrast analyzes a complete portfolio of running applications simultaneously in real-time at any scale. As a result, organizations can act faster against threats and immediately reduce risk. More information on Contrast Security can be found at http://www.contrastsecurity.com/. http://www.contrastsecurity.com/
{{{size}}}       Cybozu is a Japanese cloud computing vendor founded in 1997. Its service supports effective team collaboration hence our services are widely used from large-scaled teams like multinational enterprises to small-scaled teams like volunteer groups, clubs even families. “kintone” is one of the Cybozu’s key products released in 2011. It is called "no-code application platform" which makes work more productive through business applications. It is recognized as one of the leading vendors in” Gartner 2016 Enterprise application Platform as a Service (aPaaS), Worldwide Magic Quadrant”. Cybozu has been focusing on security enhancement. It has started "bug bounty project" in 2013 to find any vulnerabilities which may exist in its product in order to provide its customers with the most secure service possible. https://www.cybozu.com/
{{{size}}}       Dell Technologies (NYSE: DELL) unique family of businesses that helps organizations and individuals build their digital future and transform how they work and live. The company provides customers with the industry's broadest and most innovative technology and services portfolio spanning from edge to core to cloud. The Dell Technologies family includes Dell, Dell EMC, Pivotal, RSA, SecureWorks, Virtustream and VMware. https://www.delltechnologies.com/en-us/index.htm
{{{size}}}       Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster. http://www.denimgroup.com
{{{size}}}       Duo Security helps defend organizations against data breaches by making security easy and effective. Duo Beyond, the company's category-defining zero-trust security platform, enables organizations to provide trusted access to all of their critical applications, for any user, from anywhere, and with any device. The company is a trusted partner to more than 10,000 customers globally, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. Founded in Michigan, Duo has offices in Ann Arbor and Detroit, as well as growing hubs in Austin, Texas; San Mateo, California; and London, UK. https://duo.com/
Entrust DataCard logo.png       Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure transaction technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates, and secure communications. With more than 2,000 Entrust Datacard colleagues around the world and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com. https://www.entrustdatacard.com/
{{{size}}}       Facebooks AppSec team is focused on discovering vulnerabilities and crafting creative solutions to eliminate them. We achieve this by doing code and design reviews, building tools, and automation, and manage our bug bounty program. Come to our booth to find out more and sign-up to win a FREE Oculus Go. https://www.facebook.com/whitehat/report/
{{{size}}}       https://www.fortinet.com/
{{{size}}}       https://www.gemalto.com/
{{{size}}}       https: / gosecure.
HERE Logo MFL Horizontal RGB.png       Mapping has always been about discovery. For centuries, two-dimensional maps guided us through the unknown to our destination. But we are no longer limited by the edges of our physical maps. In 1985, we began with the simple goal to digitize mapping and pioneer in-car navigation systems. Over the next three decades, as NAVTEQ and Nokia, we’ve built a legacy in mapping technology. Today, we're creating living three-dimensional maps that grow upwards, breathing with layers of information and insights. By partnering with world-leading automakers, we are powering 4 out of 5 in-car navigation systems in North America and Europe. But we’re not just on the road. We are capturing the world in three dimensions, readying for an autonomous future. And we’re looking beyond. From autonomous driving to the Internet of Things, we are building the future of location technology through strategic partnerships with industry leaders like Intel, NVIDIA, Mobileye, and Tencent. With headquarters in Amsterdam and development sites that span Chicago to Berlin and across to Mumbai, we are a global team with a shared passion. From data scientists and software developers to product engineers and mapping specialists, we come together from many different backgrounds to build a better future for location technology. https://www.here.com/en
{{{size}}}       We combine know-how in the areas of security consulting, IT governance, risk & compliance with conceptual strength, innovation and implementation expertise. In addition to protecting applications and networks, our core competencies also include organizational tasks such as setting up security, risk, and service management system. HiSolutions AG is one of the leading consulting specialists for IT management and information security in Germany. More than 200 experts advise in the areas of security consulting, IT governance, business continuity management, and digitalization. We actively participate in the development of national and international standards and are involved in various research projects and university teachings. https://www.hisolutions.com
{{{size}}}       High-Tech Bridge is a global provider of web and mobile Application Security Testing (AST) services. Our award-winning AST platform ImmuniWeb® combines the genius of Human Intelligence with the power of Artificial Intelligence and Machine Learning. ImmuniWeb® leverages Artificial Intelligence (AI) and Machine Learning (ML) for intelligent automation of application vulnerability scanning and acceleration of application penetration testing. High-Tech Bridge's security experts from our CREST-accredited SOC look for the most complicated application vulnerabilities and attack vectors in instant synchronization and correlation with automated vulnerability scanning. Invented by High-Tech Bridge, this type of hybrid security testing, enhanced with AI/ML, delivers the most comprehensive vulnerability detection rate, continuously reduces human intervention without impacting the quality of testing, and contractually guarantees zero false-positives to every customer. https://www.htbridge.com
{{{size}}}       Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Founded in 2002, we have enjoyed a steady history of growth and success, generating $264 million in 2016, with over 5,200 customers and more than 500 partners in 100+ countries worldwide. https://www.imperva.com/
IBI Logo.jpg       Founded in 1975, Information Builders continues to deliver state-of-the-art technology that is transforming business in all commercial industries, government, and education. We remain one the largest independent, privately held companies in the software industry. Headquartered above Madison Square Garden in New York, Information Builders operates in more than 60 global locations and has built an active customer base of tens of thousands of major installations at the world's leading organizations. Information Builders is not only a major software supplier to our customers, but also a major provider to the leading software vendors in the industry including HP, IBM, Oracle, SAP, Teradata, and many others. In addition to our commitment to superior software engineering, we are equally proud of our people. Some of the most talented and creative professionals in the industry work at Information Builders and are passionate about what they do. In fact, the professionalism and tenure of our employees is often cited as a major differentiator by our customers. Our reputation for customer service has garnered us the highest honors from “CRM” magazine, the SSPA, and the American Business Awards. Our products and services have received top recognition from independent analyst research firms including Gartner, Forrester, Ventana Research, BARC, Butler, Bloor, and The Data Warehouse Institute (TDWI). Most importantly, our customers have received the most information technology and business awards for their accomplishments. More than 50 of our customers have had their information systems inducted into the Smithsonian Institute for superior information technology achievement through the Computerworld Honors Program. http://www.informationbuilders.com/about_us http://www.informationbuilders.com
{{{size}}}       Ipswitch is an IT management software developer for small and medium-sized businesses. The company was founded in 1991 and is headquartered in Burlington, Massachusetts and has operations in Atlanta (Alpharetta) and Augusta, Georgia, American Fork, Utah, Madison, Wisconsin and Galway, Ireland. Ipswitch sells its products directly, as well as through distributors, resellers, and OEMs in the United States, Canada, Latin America, Europe, and the Pacific Rim. https://www.ipswitch.com/
{{{size}}}       IriusRisk makes DevSecOps a reality with its pioneering threat modeling and SDL risk management platform. IriusRisk is a powerful tool to ensure security is woven into the design phase and followed up into production. It operates as a central orchestration point for teams to threat model and manage risk with real-time updates throughout the SDL. Built for integration, simplicity, scale, and speed, IriusRisk is the glue to bind Security, Operations & Development together. IriusRisk is a trusted partner of some of the largest financial institutions in the world and we pride ourselves on being fast to adapt, agile, flexible, responsive and ahead of the curve. IriusRisk operates globally and stands ready to partner with you. Contact us for more information and to request a demo. www.iriusrisk.com
{{{size}}}       Johnson Controls is a global diversified technology and industrial leader serving customers in more than 150 countries. Our 130,000 employees create quality products, services, and solutions to optimize energy and operational efficiencies of buildings; lead-acid automotive batteries and advanced batteries for hybrid and electric vehicles; and seating components and systems for automobiles. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. Through our growth strategies and by increasing market share we are committed to delivering value to shareholders and making our customers successful. In 2015, Corporate Responsibility Magazine recognized Johnson Controls as the #14 company in its annual “100 Best Corporate Citizens” list.” http://www.johnsoncontrols.com/content/us/en/products/building_efficiency/product-security.html
{{{size}}}       Jscrambler is the leader in JavaScript Application Integrity and the only to offer RASP capabilities to your JS applications.As JavaScript becomes the standard for building websites, hybrid mobile applications, or other application types, most of the code is still completely exposed. With Jscrambler you can make your application self-defensive and resilient to both tampering and reverse-engineering attempts. Jscrambler is trusted by hundreds of companies (including Fortune 500) around more than 130 countries and is supported by a team of JS experts. https://jscrambler.com/en/
{{{size}}}       Kenna Security provides a Risk and Vulnerability Intelligence platform that accurately measures risk and prioritizes remediation efforts before an attacker can exploit an organization’s weaknesses. Kenna accomplishes this by automating the integration of customer’s vulnerability scan data with exploit intelligence data from multiple sources, including 0-day data. Kenna then analyzes the data against active Internet breaches to identify the most critical threats before hackers can attack.  https://www.kennasecurity.com/
{{{size}}}       Kiuwan provides an end-to-end Software Analytics platform that offers objective data to make informed decisions to secure, analyze and control the entire SDLC of any application portfolio. With Kiuwan Code Security, the scope in threat mitigation is unparalleled, with over 4000+ custom rules, ability to suppress defects and create tailored action plans while meeting the most stringent industry standard requirements. In constant evolution, it boasts broad language support and integration with Jira, Jenkins, and Github to name but a few of the possibilities brought about by the platform. https://www.kiuwan.com/
{{{size}}}       ‎The Media Trust is on a mission: fixing the internet. To make the internet a healthier, more valuable place for businesses, governments and consumers, The Media Trust’s centralized platform provides real-time visibility and insight into non-compliant activity and threats operating in enterprise website and mobile app environments. With an emphasis on third-party code beyond libraries, the platform identifies all executing code (including code from first, third and nth parties), analyzes its behavior, assesses compliance with company policies, and resolves violating behavior. The ability to manage third-party digital risk helps defend against website breaches which can lead to regulatory fines, revenue loss, and reputational harm. http://mediatrust.com/
{{{size}}}       Mercari is a C2C marketplace app that makes it easy for people to safely sell and ship their things. Launched in 2013, it's now among the largest peer-to-peer selling platforms globally. From fashion to toys, shoes to electronics and beyond, Mercari's mission is to ‘create value in a global marketplace where anyone can buy and sell’. https://about.mercari.com/en/
NETSPI Logo 2017 PNG-01.png       NetSPI is a privately held information-security consulting company founded in 2001. By using its consulting team's deep security knowledge and its CorrelatedVM vulnerability management & reporting solution, the company is a trusted advisor to large enterprises. NetSPI provides a range of assessment and advisory services designed to analyze and mitigate risks and ensure compliance with relevant regulations and industry standards. Clients include large financial services firms, retailers, healthcare organizations and technology companies. http://www.netspi.com
{{{size}}}       Only the NowSecure Platform delivers automated 360-degree coverage of mobile app security testing with the speed and depth modern enterprises require. The world’s most demanding organizations and advanced security teams trust NowSecure to identify the broadest array of security, privacy, and compliance gaps in custom, third-party, and business-critical mobile apps. https://www.nowsecure.com/
Oneconsult 2018 logo.png      ‎ Oneconsult group is your renowned Swiss cyber security services partner since 2003 with offices in Switzerland and Germany and 1500+ completed security projects worldwide. Get expert advice from an owner-managed and vendor-independent consultancy with 35+ highly qualified cyber security experts, including certified penetration testers (OPST, OPSA, OSCP, OSCE, GXPN), digital forensics specialists (GCFA, GCFE, GREM), ISO security auditors (ISO 27001 Lead Auditor, ISO 27005 Risk Manager) and dedicated IT security researchers to solve even your most demanding information security challenges. Together we address your external and internal threats such as malware infections, hacker attacks and APT as well as digital fraud and data leakage with core services like penetration tests / ethical hacking, real-life APT tests and ISO 27001 security audits. In case of emergency, One consults incident response & IT forensics team supports you with around-the-clock expert assistance (24 h x 365 days). English: https://www.oneconsult.com/en/

Deutsch: https://www.oneconsult.com/de/

link={{{link}}}       https://www.oracle.com/index.html
{{{size}}}       Since 1995 we have always developed the most up-to-date and progressive digital solutions designed to empower people. Our mission is to deploy the latest proven technology to deliver unique products with astounding performance. Our Oxford based team are responsible for delivering our full range of services which includes the design, development, hosting, supporting and testing of interactive Web Applications and websites. https://www.oxfordwebapps.co.uk/
{{{size}}}       100 years ago, Panasonic started with a desire to create things with value. Since then, the challenge has continued into various fields including home appliances to realize "A Better Life, A Better World".

Considering product security as part of quality management, we have strived to improve the security of products. Specific activities include threat analysis during the design process, and vulnerability testing before shipment. After shipment, Panasonic PSIRT: Product Security Incident Response Team works to respond to incidents toward a quick resolution. To provide products that our customers can use with peace of mind, we will continue product security initiatives.

https://www.panasonic.com/
{{{size}}}       Ping An Technology (PATech), a wholly-owned subsidiary of Ping An Group, is committed to using AI, intelligent cognition, blockchain, cloud and other cutting-edge technologies to create a new cloud-based human life. PATech is the high-tech core and tech business incubator among Ping An Group, and be responsible for the development and operation of the critical platforms and services for the Group. As an independent entity, with smart technology as a means and smart manufacturing as a blueprint, PATech focuses on the finance, healthcare and smart city areas, applies the technological capabilities certified by international authoritative certifications to actual business scenarios. http://tech.pingan.com/en/
{{{size}}}       Rakuten, Inc. and its consolidated subsidiaries and affiliates ("Rakuten Group") are full-line Internet services companies. Since its founding in 1997, Rakuten, Inc. ("Rakuten") has spent a decade evolving its business model centered on e-commerce, to create a market completely new to Japan. The Rakuten Group is focusing on two approaches, in particular, to target growth in the decade to come. The first is to empower people and society through continuous innovation and business operations based on our five concepts of success. The second is to establish a "Rakuten eco-system" which enables us to maximize our customers lifetime value and leverage synergies. Guided by the key phrase "more than Web", the Rakuten Group is taking on the challenge of creating new value by driving convergence between the Internet and traditional "bricks and mortar" businesses. http://www.rakuten.com
{{{size}}}       Salt Security makes it safe to innovate by protecting the APIs at the core of every SaaS, web, mobile, microservices and IoT application. Our API Protection Platform is deployed in minutes, and requires no configuration or customization. We use patented behavioral protection to automatically and continuously discover and learn the granular behavior of each unique API to ensure protection. The company was founded in 2016 by alumni of the Israeli Defense Forces (IDF) and serial cybersecurity executives. In 2019 Salt Security was selected as a finalist for the RSA Innovation Sandbox and as the winner of the OWASP Innovation Fair. https://salt.security/
{{{size}}}       SCSK provides a full lineup of services to support any area of IT solution required for businesses from system integration to IT infrastructure implementation, IT management, BPO(business process outsourcing), and IT hardware and software sales.In addition, we take advantage of the capability to support a global IT system network for customers including Sumitomo Corporation, aiming for further leaps ahead as a global IT services company. http://www.scsk.jp/index_en.html
{{{size}}}       ‎ SecureBrain (A Hitachi Group Company) is a leader in providing software and services to help protect enterprises and their customers against cybercrime including online fraud and malware attacks.

To ensure that our customers are always protected from the latest trend of cybercrime, SecureBrain has its own advanced security research center. Team of security researchers works closely with many Japanese government research agencies to research and develop solutions against the latest cyber threats.

https://www.securebrain.co.jp/eng/
{{{size}}}       Security Journey is the leader in application security education using security belt programs. We guide our clients – many in tech, healthcare, and finance – to building long-term, sustainable application security culture. We incorporate everything you need to deploy and manage an education program.

Our cloud-based platform delivers application security lessons from an ever-growing library of content, provides hands-on, immersive experiments, measures student and organizational growth, rewards student achievements, and transforms an enterprise’s security culture. We promote security awareness organization-wide with learning that is engaging, motivating, and fun. In short, we provide security education developers, testers, and managers love.

https://www.securityjourney.com/
{{{size}}}       Secure Code Warrior is a global security company that makes software development better and more secure. Our vision is to empower developers to be the first line of defense in their organization by making security highly visible and providing them with the skills and tools to write secure code from the beginning. We have built a powerful platform that moves the focus from reaction to prevention, training and equipping developers to think and act with a security mindset as they build and verify their skills, gain real-time advice and monitor skill development. Our customers include financial institutions, telecommunications providers and global technology companies in Europe, North America and the Asia Pacific. To learn more, visit https://securecodewarrior.com. https://securecodewarrior.com/
{{{size}}}       Security Compass is a leader in helping customers proactively manage cybersecurity risk without slowing down their business. Offering Advisory Services, Training, and SD Elements, an award-winning policy to procedure platform for security and compliance. Security Compass enables organizations to rapidly and efficiently deliver technology that's secure by design. Security Compass serves some of the world's largest businesses including seven of the 15 largest financial institutions and four of the 10 largest technology companies in North America. http://www.securitycompass.com
{{{size}}}       Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, CMD+CTRL Cyber Range, is the industry’s only simulated Web site environment designed to build the skills teams need to protect the enterprise where it is most vulnerable – at the application layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com or connect with us on LinkedIn or Twitter. https://securityinnovation.com
{{{size}}}       ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle. It combines next-generation static code analysis (to quickly and accurately identify vulnerabilities) with application instrumentation (to protect the application) in an automated workflow. This combination of runtime-informed code analysis and code- informed runtime protection delivers the most accurate, automated, and comprehensive application security solution. https://blog.shiftleft.io/
{{{size}}}       There are a staggering volume and variety of open source and third-party component parts flowing through every development environment in the world. If properly sourced and managed, these components are a tremendous source of energy for accelerating innovation. If not, they lead directly to security vulnerabilities, licensing risks, enormous rework, and waste. With over 120,000 installations and counting, Sonatype’s Nexus products are helping modern development organizations intelligently source, manage, assemble, and maintain open-source and third-party components, so they can improve the quality, security, and speed of their software supply chains. http://www.sonatype.com
{{{size}}}       StackHawk is dynamic application vulnerability scanning built for modern development teams. With simple configuration, easy invocation via docker command, and interpretable results, StackHawk is built for developers to take control of their AppSec. Learn more at docs.stackhawk.com. https://www.stackhawk.com/
{{{size}}}       Snyk is a developer-first security solution that helps you use open source code and stay secure. Building on its unique vulnerability database, Snyk continuously finds and fixes known vulnerabilities & license violations in open source dependencies and containers. Snyk integrates seamlessly into the developers’ workflow and enables them to own the open source security of their code thus supporting security at scale. https://snyk.io/
{{{size}}}       SpringCM delivers an innovative document workflow and management platform, powering the leading contract management application. SpringCM empowers companies to become more productive by reducing the time spent managing mission-critical business documents. Intelligent, automated workflows enable document collaboration across an organization from any desktop or mobile device. Delivered through a secure cloud platform, SpringCM’s document and contract management solutions work seamlessly with Salesforce or as a standalone solution. Every day, more than 600 companies use SpringCM to improve customer experience and get more done, faster. For more information about SpringCM, visit www.springcm.com. https://developer.springcm.com/
{{{size}}}       Symantec Corporation (NASDAQ: SYMC), the world’s leading cybersecurity company, helps organizations, governments, and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud, and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For more information, please visit www.symantec.com. https://www.symantec.com
{{{size}}}       Synopsys technology is at the heart of innovations that are changing the way we live and work. The Internet of Things. Autonomous cars. Wearables. Smart medical devices. Secure financial services. Machine learning and computer vision. These breakthroughs are ushering in the era of Smart, Secure Everything―where devices are getting smarter, everything’s connected, and everything must be secure. Powering this new era of technology are advanced silicon chips, which are made even smarter by the remarkable software that drives them. Synopsys is at the forefront of Smart, Secure Everything with the world’s most advanced tools for silicon chip design, verification, IP integration, and application security testing. Our technology helps customers innovate from Silicon to Software, so they can deliver Smart, Secure Everything. https://www.synopsys.com/
{{{size}}}       tCell moves application security out of the network for cloud-first organizations. Using advanced runtime application self-protection technology, tCell protects applications in-production from XSS, Commandi, SQLi, Account Takeover, and OWASP Top 10 attacks. Whether an organizations’ applications are on-premises or cloud-based, tCell's unique approach makes application security easy. https://www.tcell.io/
ThoughtWorks Logo.png       We are a software company and community of passionate, purpose-led individuals. We think disruptively to deliver technology that addresses our clients’ toughest challenges, all while seeking to revolutionize the IT industry and create positive social change. ThoughtWorks' 3,000 professionals serve clients from offices in Australia, Brazil, Canada, China, Ecuador, Germany, India, Italy, Singapore, South Africa, Turkey, Uganda, the United Kingdom, and the United States. ThoughtWorks releases a regular technology radar, a study that looks at the key trends that impact software development and business strategies. The Radar helps companies stay on top of topics that are constantly evolving, such as security, and offers insight and practical tools to build secure systems at every stage of the development process. http://www.thoughtworks.com/
{{{size}}}       Twistlock is the most complete, automated and scalable cloud native cybersecurity platform. Trusted by hundreds of customers worldwide, Twistlock uses the strengths of cloud native to provide better security for teams using Docker, Kubernetes, Lambda, Fargate, and other modern technologies. https://www.twistlock.com/
{{{size}}}       UBsecure is a leading web application security company based in Japan since 2007. We offer various security solutions for web application and smartphone application by utilizing in-house developed application security testing tool, Vex. Vex built by a tremendous amount of experience in professional security scanning and by its continuous feedback. The unique characteristic of the tool is that it used as a stand-alone security testing tool as well as the seamless security testing component within the SDLC. Therefore, Vex is not only for professional security auditors but also for software developers who need secure development cycles. Please visit our site for more information about Vex. https://vex.ubsecure.jp/lpen
{{{size}}}       https://www.ups.com/us/en/Home.page
{{{size}}}       Veracode gives companies a comprehensive view of security defects so they can create secure software, and ensure the software they are buying or downloading is free of vulnerabilities. As a result, companies using Veracode are free to boldly innovate, explore, discover, and change the world. https://www.veracode.com/
{{{size}}}       Verizon Digital Media Services offers a global, PCI-compliant content delivery network to protect websites, applications and user data at every layer. Integrated with our industry-leading platform, our Cloud Security Solution offers world-class protection, performance and scale to keep your business online. Our network features:
  • An advanced Web Application Firewall (WAF) to protect web applications against attacks
  • Robust DDoS protection with massive capacity to thwart the largest attacks
  • Bot mitigation to defend against automated threats and bad bots
  • Added protection for web servers to defend against direct-to-origin attacks
  • Built-in DNS protection with DNSSEC to prevent injection of fraudulent records
  • A security operations team ready to provide a fully managed security offering

Contact us today to learn more about our Cloud Security Solution or visit us at www.verizondigitalmedia.com.

https://www.verizondigitalmedia.com/platform/edgecast-cdn/security/
{{{size}}}       The Waratek ARMR Platform provides unique protection in the applications runtime environment. This unique security layer provides fast and accurate security in the compilation pipeline, providing protection that becomes part of your application – but never requires changes to source code.

● Instantly apply code equivalent security patches to Java and .NET applications ● Actively secure against the OWASP Top Ten / SANS 25 / Zero-Day vulnerabilities ● Virtually upgrade & secure out-of-support, vulnerable Java applications. All with no source code changes or False Positives.

http://www.waratek.com/
Wallarm Logo (1).png       Wallarm delivers automated cloud-native application and API security throughout application development and deployment lifecycle.

Wallarm AI-powered Application Security Platform includes FAST for CI/CD-integrated security test automation during development and Advanced WAF attack blocking and vulnerability protection after deployment. Wallarm platform aligns security and development into a unified pipeline:

  1. Detects OWASP Top 10, 0 day and behavioral issues
  2. Provides highly accurate detection based on patent-pending technology
  3. Improves security test coverage by automatically generating and running tests
  4. Automates issue management with deep learning, policies and build in active rechecker
  5. Provide easy-to-manage multi-tenant multi-application unified management platform
https://wallarm.com/
{{{size}}}       WhiteHat Security is the leader in application security, enabling businesses to protect critical data, ensure compliance, and manage risk. Through a combination of technology, over a decade of intelligence metrics, and the judgment of people, WhiteHat Security provides complete web security at a scale and accuracy unmatched in the industry. https://www.whitehatsec.com
{{{size}}}       WhiteSource helps software security teams manage open source components used in their products, automatically and continuously. It becomes part of your SDLC and automates the entire process of open source components selection, approval, and management, including finding and fixing vulnerable components. https://www.whitesourcesoftware.com
Retrieved from "https://wiki.owasp.org/index.php?title=Corporate_Supporter_Bios&oldid=256140"