Security Monitoring

Security vulnerabilities in developers' applications can be discovered virtually anytime -- invalid input, API abuse, misused security features, and inappropriate error handling are just some examples. Poor internal coding practices are not the only source of security vulnerabilities. In today’s componentized, connected environment, security vulnerabilities are easily inherited from 3rd party components and system dependencies. When it does occur, a security breach can be damaging to customers, ISVs and the platform vendor’s brand. This makes protecting against breaches a top priority 24 hours a day, 7 days a week, 365 days a year.

SpikeSource Security Monitoring Service continuously tracks all software components for security updates. It monitors ISV applications in real-time against the National Vulnerability Database maintained by the U.S. Department of Homeland Security which monitors thousands of records each day.

The instant a security vulnerability is identified, the Security Monitoring Service generates a real-time notification email, including specific recommended remediation actions for each application.

NVD is the U.S. government repository of standards based vulnerability management data represented using the (SCAP). This data enables automation of vulnerability management, security measurement and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names and impact metrics.