Feenics Achieves ‘Verified by Veracode’ Assurance Program Seal
Participating in the program ensures that Feenics’ software meets a high standard of data-breach application security, reducing risk for the customer.
The seal of approval was achieved after taking part in CA Technologies’ stringent 10-month process known as the CA Veracode Verified program.
OTTAWA, Ontario, Canada — Feenics, a provider of Cloud-hosted integrated access control and security management solutions, has received an independent quality seal of approval under the “Verified by Veracode” assurance program that validates its secure software development procedures.
The seal of approval was achieved after taking part in CA Technologies’ stringent 10-month process known as the CA Veracode Verified program.
With approximately 30% of all breaches occurring as a result of a vulnerability at the application layer, software purchasers are demanding more insight into the security of the software they are buying, according to an announcement.
As part of CA Veracode Verified program, Feenics can now demonstrate through a seal and provide an attestation letter from an industry leader that the application has undergone security testing as part of the development practice.
Additionally, participating in the program ensures that the company’s software meets a high standard of application security, reducing risk for the customer, according to the company.
Organizations that had their secure development practice validated, and their application accepted into the Standard Tier, have demonstrated the following security gates have been implemented into their software development practice:
- Assesses first-party code with static analysis
- Documents that the application does not allow Very High flaws in first-party code
- Provides developers with remediation guidance when new flaws are introduced
The Keep by Feenics API provides developers with programmatic access to all the functionality of a deployed physical access control solution. From adding cardholders, to adjusting door schedules, modifying access levels or querying for hardware status, all activities are programmable through the company unified, RESTful API.
In addition to the stateless HTTPS protocol the API service also offers a live stream of events over a web-socket connection. This stream of events can be used for live alarm monitoring, real time data analysis and threat detection.
The API is secured with TLS encryption and optionally authenticated with time-based, one-use passwords (RFC 6238).
“Third-party review and audit within our software development lifecycle is an essential part of the vulnerability assessment process, ensuring that Feenics does everything possible to mitigate cyber risk for our users,” says Denis Hebert, president of Feenics.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
