SAS® Software Security Framework: Engineering Secure Products

January 13, 2019

SAS builds quality software that is secure and privacy-preserving. Our products are built to be resistant to misuse and known cybersecurity threats. SAS guides its architects and developers based on our software security framework (see Figure 1). At the highest level of the framework, we have defined a software security policy structure that supports product security governance. This model applies to each phase of a product’s software development life cycle (SDLC).

Spotlight

Raytheon Pikewerks

Raytheon Company acquired Pikewerks Corporation in December 2011 to further extend Raytheon's capabilities to defend against sophisticated cybersecurity threats facing customers in the intelligence community, Department of Defense and commercial organizations. Pikewerks enhances Raytheon's comprehensive cybersecurity offerings, including a range of analysis and investigation capabilities with particular emphasis on insider threat protection, software protection and forensics. Two high-demand Pikewerks products are Electronic Armor®, an anti-exploitation software tool that protects executable files; and Second Look®, a software capability for live, in-memory forensic analysis of operating systems.

OTHER WHITEPAPERS
news image

Protecting Against Sophisticated Bot Attacks

whitePaper | November 18, 2022

Bot-generated attacks have risen in visibility, and defending against these attacks is now a priority for most organizations. Yet challenges persist in accurately identifying bot traffic; protecting a distributed, heterogeneous application environment from these attacks; and minimizing the impact to legitimate users while doing so. To address these issues, intelligent protection against sophisticated bots is a necessity. This should include strong analytics coupled with human expertise, a frictionless user experience, and consistent coverage across different architectures and platforms. F5 Distributed Cloud Bot Defense, built on Google Cloud, supports these requirements and can help prevent fraud and abuse against public-facing web applications.

Read More
news image

The State of ICS/OT Cybersecurity in 2022 and Beyond

whitePaper | October 26, 2022

The industrial control system (ICS)/operational technology (OT) security community is seeing attacks that go beyond traditional attacks on enterprise networks. Given the impacts to ICS/OT, fighting these attacks requires a different set of security skills, technologies, processes, and methods to manage the different risks and risk surfaces, setting ICS apart from traditional IT enterprise networks.

Read More
news image

Cloud Collaboration Security Technical Paper Series: Webex Messaging

whitePaper | December 17, 2022

Webex is a cloud collaboration platform that provides messaging, calling, and meeting features. This paper describes the architecture and security features related to the Webex Messaging service and the suite of tools that the Webex Messaging service provides to keep customers’ data safe from Cisco as well as external attackers.

Read More
news image

Building a Successful Cloud Infrastructure Security and Compliance Practice

whitePaper | December 28, 2022

Cloud security truly is a team sport that requires strong collaboration between security, IT and line of business teams. The dynamic nature of cloud is forcing information security teams to rethink how they operate and partner with other groups to address emerging security and compliance challenges their organizations face.

Read More
news image

Cross-Generational Security Of Mobile Telephony

whitePaper | August 4, 2022

Abstract— With the recent roll-outs of 5G networks and the rise of phones supporting the standard, it’s critical to examine the technical underpinnings of 5G system security. The fifth generation of 3GPP (3rd Generation Partnership Project) mobile telephony, the lack of understanding, outright hostility, and general confusion surrounding this roll-out is unmatched in the history of mobility. We aim to alleviate much of the confusion and hostility by providing an overarching description and security document.

Read More
news image

Awesome Cyber Security Facts - Infographic

whitePaper | November 15, 2019

Check out our "Awesome Cyber Security Facts" infographic below to see how crucial cyber security attack was for some businesses, what are our main weaknesses in terms of personal cyber security and even more.

Read More

Spotlight

Raytheon Pikewerks

Raytheon Company acquired Pikewerks Corporation in December 2011 to further extend Raytheon's capabilities to defend against sophisticated cybersecurity threats facing customers in the intelligence community, Department of Defense and commercial organizations. Pikewerks enhances Raytheon's comprehensive cybersecurity offerings, including a range of analysis and investigation capabilities with particular emphasis on insider threat protection, software protection and forensics. Two high-demand Pikewerks products are Electronic Armor®, an anti-exploitation software tool that protects executable files; and Second Look®, a software capability for live, in-memory forensic analysis of operating systems.

Events