In the GRC space this week, IBM secures development of applications in the enterprise from the start of the build process, Google adds a number of security patches and PDF viewer to Chrome 8, Forrester predicts growth in the GRC market over the coming 12 months and Kalido and SutiSoft both announce new releases.
IBM Secures App Build
IBM (news, site) has taken another step this week to secure enterprise applications and they've done so not once the application is built, as is the norm, but at the beginning of the application build. The new software consolidates software vulnerability analysis and reporting into a single view across the enterprise.
Developers can assess security threats across the entire software development lifecycle, enabling global development teams to identify and test security exposures and help reduce the risks and costs associated with security and compliance.
The new release includes enhancements to the IBM Rational AppScan portfolio that simplifies security vulnerability analysis and identification for software developers.
As part of the new features, IBM Research provided string analysis, a software development capability that helps simplify the security testing process by automatically detecting and verifying which Web application development input needs to be cleansed, removing security risks. Want to find out more.
Google Upgrades Chrome 8 Security
With all the noise surrounding the first views of Google's Chrome OS, the updates to its Chrome Browser went almost unnoticed.
The updates repair more than 800 security bugs and stability issues in a total of 14 fixes. The browser also offers a built-in PDF viewer with security features in the Chrome sandbox. The new viewer will enable users to open and view PDF’s securely within a framework that compartmentalizes running programs.
Some of those fixes were identified by Google as “high risk”, indicating the weaknesses may be used by third-parties to access systems or crash computers. Other flaws were less severe and included a possible pop-up blocker bypass glitch and an error that enabled potential browser crashes. Find out more about this?
Forrester Sees Growth in GRC Market
Looking forward into the New Year, Forrester (news, site) researcher Chris McClean warns that the point where enterprises actually begin to see the commercial value of GRC technologies is still some time away.
In his report Governance, Risk and Compliance Predictions, 2011 And Beyond, McClean points out that 2011 and the introduction of a huge collection of new regulatory demands will see companies increasing their GRC budgets substantially, but that by 2015 roughly half of organizations will have a GRC strategy.
The next 12 months will see a focus on horizontal adoption, greater attention to business intelligence and practical GRC values from emerging social and mobile technologies, he says. The next year will also see new regulations, hindering GRC maturity and promoting disagreements amongst companies as to what GRC programs should look like. The report is available from Forrester.
SutiSoft Releases GRC Suite
SutiSoft (news, site) is one of two new releases in the GRC space this week. The newest release, SutiGRC integrates with existing infrastructures and enables management of complex processes with distribution and approval capabilities.
Risk management strategies can be integrated into the corporate management philosophy to increase involvement of employees in business decision making. SutiGRC enables organizations to identify possible risks and plan corrective actions to reduce the extent of loss. It also simplifies the introduction and implementation of change and aligns vendors to internal governing policies.
There is a long list to different modules in SutiGRC that can be deployed as a module or combination of modules.
Kalido Offers Data Governance
Kalido (news, site) provides the second release this week with the general availability of Kalido Data Governance Director, a new product designed to expand data governance programs through data policy management.
With the Kalido Data Governance Director, organizations will be able to expand their data governance programs by:
- Managing data policies in a common, centralized policy layer across the enterprise
- Expand tasks associated with the data governance processes transparently.
- Measuring and improving data policy
Overall, it aims to take data management rules that exist on paper and apply them to an enterprise software infrastructure.