IBM extends Secure by Design initiative

IBM wants to see security 'woven into the very fabric of an organisation's infrastructure'

IBM has made several announcements as part of its Security By Design initiative aimed at persuading businesses to build security into the design of applications rather than bolting it on afterwards.

The company has revealed new security testing software, a source code assessment service, a secure engineering framework blueprint, and updates to existing access management software.

The new security testing software in AppScan Source Edition is aimed at identifying security vulnerabilities at a source code level. This allows businesses to fix security problems in applications before they go live, making them less expensive to fix.

IBM's Application Source Code Security Assessment service, meanwhile, can provide a baseline assessment of source code for companies that lack in-house app security expertise or want to outsource security assessments.

The firm has also released IBM Security Engineering Framework, a blueprint for IBM clients, IT companies and academics to develop product and application security.

IBM has updated its Tivoli Access Manager family of software, which now provides centralised authentication, policy management and access control services across platforms such as cloud computing and service oriented architecture.

"Each day we are seeing the emergence and adoption of new technologies and business models," said Al Zollar, general manager of IBM Tivoli Software.

"It is organisations that learn how to effectively manage security risk that will become successful in this environment.

"By introducing these new software and service offerings, IBM is helping to ensure that security is woven into the very fabric of an organisation's infrastructure."