Effectively

</head><body id="readabilityBody"> </p> <p>%PDF-1.6 %äãÏÒ 1 0 obj [/PDF/ImageB/ImageC/ImageI/Text] endobj 4 0 obj <</Length 5 0 R /Filter/FlateDecode >> stream xœ endstream endobj 5 0 obj 8 endobj 6 0 obj <</Subtype/Image /Width 150 /Height 150 /BitsPerComponent 8 /ColorSpace/DeviceRGB /Filter/FlateDecode /Length 7 0 R >> stream xœígx]ŵ÷!!›póá^¾¼onè á’¼¸@hƒ &6„zÁÀIè6ظɲ-˲%Y]Vï½Z½ËjVï½Ë²lÉr’ûþgÖÞsf—st$ ‰÷³=Gçì}ÊþíµÖÍ̞ùßÿ=¿ßÎoç·óÛùíüv~;¿ßÎosޞjk﬩­/.-ËÍ/ŒOLŽKHŽOŠ‰KŒŽM€EÅÄGFÇEDņGÆÀÂ"¢³sóaûË*êšpøää‘sý;þ…¶écÇúúªkëò ŠSÓ3SÒ2RR÷%§¦'¥¤'&§%$ ¥Æ'¦Ø14<*$ ,’,($ †7))-ëìꞜœ<׿òŸm;yêÔÀà`]}#\,3+7#3g_FvzFVÚ¾,Sˆx”’Ãㄤ”ø4ŽJƒÃ‚BaØ­¨¤´£³ëÌ™3çúׇ·S§N WVUçææä îeåäefç ˆY9YÙyx>'¯ûäååçåãùþ2tÎ:…œ@ASÑ? æ·7(;'ï<Ê9m_~ùåÁƒãÈP…%ŒHAˆˆpâ’â’²Òýå°XiYqÉþ¢âÒ¢Råû ê<~Ë<484BÑ×?–•Û××®OÏ·z;}útOoyE•ŽHAa10••WÂ+*À°þ…YXˆ"‡Â7‘4]÷†È}üÂ#£Tל>ï’Ú ì !tD`eåUªkkjêªkêð ê@Í7 QÄXDW¢·ïހÀ|¹cÇfÎõ™;÷ÛéÓgÚ;:C&@5µu MP/0T ç"R. ½|üaˆêǎ;×gñÜlÐ=½} "pà/56575·66µ€à· "B+4R¤qo@peÕ\ŠçúŒ~£ÛÈÈh}}#p"õ -­íÜÚš[Zç€âyáŸèéåóðòñðdæã»72:6" ¥DtjzÆÙ@¤b)R@ôôöójmm;×çõ›ØŽÍ̀b$ pÔp …@ kkïhmë°bfVNDd´¯_Àf‡­«×¬]õ—÷ædŸ­]¿~ÃfW7$ 50š+DªAWD/ß„Ääééés}Ž¿® eÂððáA–è›;;»;»z cPsÙ1'7?4,b‡³Ë~2Wd¶íãO>Å•àíãrÞ~ˆpFè$ Gq§OEeÕ¹>Ù¿Í?ÞÖÖÑÐØL8ðà»z»º{f…˜_Päãë¿æÓu6¼òÖÊ'þôâ²Wž¾ý™mö­úÏvûò«¯úú…CØ ã¯mˆyù.»\§§Ôpædkñ•,¹ò‚¯ºàÁ«/xèê–’]sÁÃ’á_z;`7ìŒCp aå@q1€&|Ùø¹[·CÙΈˆJÝ=¼‹JJq ŸkóÜNž< 4¡ÀhxddxdthxÄÄä”´›¶Áýæ©E?yðj„ì!"uí¿¿ö‚e?g¶üç.ÿÅ…»Ž›úïò_`eO‚qøC*P•&>׉åºÏ7BºÌ 184冀ˆˆzêÔésMcn®:hN!‡‚ µ±°¨dÓf ;d+8ÅO–¨à«ÔàS„Œ`=z³?üòÂÇ`×3{ÜŠÑ«Ø ;ÓQ€é/T *M|G g_üâãFŽÁa¶!Rù/ b¤’sÅÞ ø¦¦¦ETăѱƒÇ·±¾¡i»ÓN,¹þñ».yà*Åãdp‚Ú~©Àzâ¿™=yÃ…OÁ~uáa¿fö´dô^ÂØ ;ÓQ„•€M%÷J| ¸¤Nü8lÙp¶!"¢ ˆÐ9€ø폨ø†GQ±·¯ÿÐÄaØø¡ Sˆ cdÇÒ9ÅIœêhDíIÎtžý¿Ÿåö܍°ïÁž7‰í‰Cžápñ&TÐ|ä: Jî’—</p> <p>hbàÛ‘ÉÎC‡xTì<:<9 ›8<em>< ß)1Saw­Âî:pÌ}TjŒ‡uË^æöÊÿ0•Ûk·êž§hș⭚ÏÞ¨¢T½RqIž(UüɃס–Ñ8ãn÷ï4D|Ÿ#GŽ"¯A±"ßôô1dCSˆí]H"²Î¼lé L«È~GiŽ±»%/îq8Ãßþ7½À½ì%Áú춬 »Ùë£çiìü'+}é–‹š„’åy€\I”ÄW]ô3TrPÝ°Ñྋ™t™ž;„ÁËffŽ;6c ±¤´ì£×ˆ_ˆÄÂ&i•¥×hüîIbÇC¥î•[,Ôˆè¼ûíVÂîøÁ›6 ;`7ìü†Àʁ š„’%°:Ž"®rƒ ºì•§ÅÏY½fíÞÀ¨˜øY!"'BÞ 2é25…° ×DÈ­|3…˜¾/CÎz¬0®GZå×éØ1§C¨D{Y€ãNôºŠŒ¸¼uÇÅoÝyñŸ™]ò6Ù]cÏÓ>؇¨L9Ð×µ(™Wr—4áxÝ…¤sTg¼þñ»…3"¢Bº|W âÓOœ<É_? "Á?~ü„ºé É bJÖ[r•%lB<°|§cG¡Rõ8œJ ,Ö;ÜÞ…ÝÍl•£WßU÷û®‹9S…&ÞÖ‚òVö¡ŠKj9âKB²Š ú û!—=ü+¹Àm—=ƒCOœ8y® âsÏœ9ƒŠ‚ƒÃàj¦ƒÅ¯C¬DNR,Ë¥°ù4Ïwzv</em></p> <p><em><¸¿ª¢¯¿ dÒˆK\Eå scÍãÌø6:̘Ê6vp“v¦Ã‡GG¡+z{Ÿpû{¥–ãJ®]Wˆ *9ãSŠ¼a5#~2û¢ŸÉU¿ËnwkEÛ)T Nà7Ÿrúôé¶6Ö㈤(ñP&!ÊÁSÅw•Š‰OœÏßȲÞË·8„{Jø¬²£ '\Ž£;8ÓÑDÄǬö=áþ!eLŽ¯ËΨfFüüJ‹ñþËïy~¹=ÂFôbÄÆ'"1ñ)==}ˆs-­pÁnülüp#ÄŒŒ,}ðTðqÝB‰O-¼RxíÖŠÚjÆÎßȈÀGìdp4ãcãÌ*vH5ö/½dŠ²§§¿qÏG,]Êßæ5ˆT¹3òˆjø„¢6œúúšBý‰ûËʿ÷ªÆ¦–¦æV@c'P±¬¼Â€ïJ->%ñ)¢gcÅíHõ  àé âÌoqÜ&ÊvV÷‘òÔãSKªV²"8«ë vÚyhVj¶iâÍò¦§¦5ûúžÄîSjáŒoßÅ"*j‘M ruºøJÔ‰¢Øwزîg4B¥š¾ŽXʺݏ«­k¨«oD¤œm#ÄаÑhÆZ]¨l_FÊSÉŠ÷½ªâ“zïÜ‚føT¹b…‘"·Ã‡›ë¯œŸÐÕ××_XXˆ ö•´"û“žÿÛ÷iœQŽ¨zˆBØP‰ÁŠýËþ•H+î{¼L!î ¡!‹ªÐKáÚÍÍ-5µõ€ J ¡2ÄŠÊ*ñ=Y›çý—+eû£¼p ´4«««KKKQ ˆñ¾ Ä÷­AdÂF)1Pìã‡?¦ªžE†»‡·)D1Œ?/¿p¡$ ç±²ªºê@ ¢ìêîÑA¬®©ñ󲥿’ÒW/HîÏ)e;Sà$ ]´øpN@p|ÂõLØ8…ÑáÙÌBSEYVV¶ÿþŽŽS‚ˆ-RÒ¢" ¥Nä-6BÕP,}àŠë¿[ÄR1PJ†ˆX*n¨™šš:7$ „t©¨<ˆM͝]ÝÔš-CtÚ±S–`ñóÁ«ôéïß V8@ÈQîøpN::;mà3u=…mjG¸ÙD‰ü[^^ˆMMMÖ ˆ[¬AdêT­_¾E‘¦"!bé¶íÎòl¢¸+ª¸¤ôì݈äN7÷`ÔoÍ–!æäækô§!~*ê‰~Åm¬~ëÖŠŇsÒÙÙi ܼ­½S±ÅÚë:{kjj©¬¨Äææf bÿ€Q §¼Ä`u"µØ0Us‹šo`Jà%–ʺg„ˆXJ÷'ú¥ª°iY ¢Ž­Ù2ÄÏÖ®·4¿þ¤òÇÏï='ÒßmL³!ý1Æر¢UU¢m‚:OÔQm±áª†%Dc,½ÿrÑÚæà¸]7ï A„IJòŠ³qC8 ®>k 6·°¶PÄ”Ôt1ÎS¦?Y¿ƒ6~jÒŸ„ïC†ïÇŸ<ÐÙÙ%)OCð”#§.l9:yT¶©#dSS_šdf9¤¥¹åÀj‚8+Á¯ŒÂæ=QìKªÆKÕâºôák/XråO¼NHxœ"|“n÷FÝqòäü;ñ¿øâÀ*)-DȨPjЖ!Zq@¡?¥ø)ÒÔáŸãûˆá»t5'¨-¬á“sÜ¬àŽªfJ“Ž­©©…J#ˆ8cöBP!¾/ Ê Q©-º”j¸¤ÝO[·g DqÏ>NõWóª Ù˜'àzÅ%û±¶*¦U1#3[€úS-´éð-úñÇ÷ߥkƒ ¦Ée6K-óY,½‰±‘%Í’«.Y|µÈ†tW”"jCš=#m_æ©S§æá†ø†ÃÃ#…E¥EÅ¥ˆ¢¨©KB†¸mûÈÌ-l|éOmü$ õ"ð]úéx´Q|ŠÆ1=>«ì,°¦¦MGG!«¢œkkëfffæ1Î÷ߌ±”t)~>IJÙpç.Wã\p JS  '>|x®-¥Ô[[ßPPXˆ4S"Ô© RÔ: "`HJñSJ—®¾Å—~¶¤‹Ôâ›°Ÿ`'HM6£šòŒåÀÀ@CCƒžØÓÓ348„¯sôèQÄ"{ J ‘ÅRE—šº!²áb– Emh:¡Ÿ˜Çæ@u 2Úœ‚øôôta1M©TRS[‚:ˆ~þ–PvÀ'ŒÈéOKü>‹^úÙƒŒ Yüäø&'fç73›)(q`gª‰</em></p> <p></body></div> <div><html xmlns="http://www.w3.org/1999/xhtml"><head><title/></head><body id="readabilityBody"> </p> <p>%PDF-1.6 %äãÏÒ 1 0 obj [/PDF/ImageB/ImageC/ImageI/Text] endobj 4 0 obj <</Length 5 0 R /Filter/FlateDecode >> stream xœ endstream endobj 5 0 obj 8 endobj 6 0 obj <</Subtype/Image /Width 150 /Height 150 /BitsPerComponent 8 /ColorSpace/DeviceRGB /Filter/FlateDecode /Length 7 0 R >> stream xœígx]ŵ÷!!›póá^¾¼onè á’¼¸@hƒ &6„zÁÀIè6ظɲ-˲%Y]Vï½Z½ËjVï½Ë²lÉr’ûþgÖÞsf—st$ ‰÷³=Gçì}ÊþíµÖÍ̞ùßÿ=¿ßÎoç·óÛùíüv~;¿ßÎosޞjk﬩­/.-ËÍ/ŒOLŽKHŽOŠ‰KŒŽM€EÅÄGFÇEDņGÆÀÂ"¢³sóaûË*êšpøää‘sý;þ…¶écÇúúªkëò ŠSÓ3SÒ2RR÷%§¦'¥¤'&§%$ ¥Æ'¦Ø14<*$ ,’,($ †7))-ëìꞜœ<׿òŸm;yêÔÀà`]}#\,3+7#3g_FvzFVÚ¾,Sˆx”’Ãㄤ”ø4ŽJƒÃ‚BaØ­¨¤´£³ëÌ™3çúׇ·S§N WVUçææä îeåäefç ˆY9YÙyx>'¯ûäååçåãùþ2tÎ:…œ@ASÑ? æ·7(;'ï<Ê9m_~ùåÁƒãÈP…%ŒHAˆˆpâ’â’²Òýå°XiYqÉþ¢âÒ¢Råû ê<~Ë<484BÑ×?–•Û××®OÏ·z;}útOoyE•ŽHAa10••WÂ+*À°þ…YXˆ"‡Â7‘4]÷†È}üÂ#£Tל>ï’Ú ì !tD`eåUªkkjêªkêð ê@Í7 QÄXDW¢·ïހÀ|¹cÇfÎõ™;÷ÛéÓgÚ;:C&@5µu MP/0T ç"R. ½|üaˆêǎ;×gñÜlÐ=½} "pà/56575·66µ€à· "B+4R¤qo@peÕ\ŠçúŒ~£ÛÈÈh}}#p"õ -­íÜÚš[Zç€âyáŸèéåóðòñðdæã»72:6" ¥DtjzÆÙ@¤b)R@ôôöójmm;×çõ›ØŽÍ̀b$ pÔp …@ kkïhmë°bfVNDd´¯_Àf‡­«×¬]õ—÷ædŸ­]¿~ÃfW7$ 50š+DªAWD/ß„Ääééés}Ž¿® eÂððáA–è›;;»;»z cPsÙ1'7?4,b‡³Ë~2Wd¶íãO>Å•àíãrÞ~ˆpFè$ Gq§OEeÕ¹>Ù¿Í?ÞÖÖÑÐØL8ðà»z»º{f…˜_Päãë¿æÓu6¼òÖÊ'þôâ²Wž¾ý™mö­úÏvûò«¯úú…CØ ã¯mˆyù.»\§§Ôpædkñ•,¹ò‚¯ºàÁ«/xèê–’]sÁÃ’á_z;`7ìŒCp aå@q1€&|Ùø¹[·CÙΈˆJÝ=¼‹JJq ŸkóÜNž< 4¡ÀhxddxdthxÄÄä”´›¶Áýæ©E?yðj„ì!"uí¿¿ö‚e?g¶üç.ÿÅ…»Ž›úïò_`eO‚qøC*P•&>׉åºÏ7BºÌ 184冀ˆˆzêÔésMcn®:hN!‡‚ µ±°¨dÓf ;d+8ÅO–¨à«ÔàS„Œ`=z³?üòÂÇ`×3{ÜŠÑ«Ø ;ÓQ€é/T *M|G g_üâãFŽÁa¶!Rù/ b¤’sÅÞ ø¦¦¦ETăѱƒÇ·±¾¡i»ÓN,¹þñ».yà*Åãdp‚Ú~©Àzâ¿™=yÃ…OÁ~uáa¿fö´dô^ÂØ ;ÓQ„•€M%÷J| ¸¤Nü8lÙp¶!"¢ ˆÐ9€ø폨ø†GQ±·¯ÿÐÄaØø¡ Sˆ cdÇÒ9ÅIœêhDíIÎtžý¿Ÿåö܍°ïÁž7‰í‰Cžápñ&TÐ|ä: Jî’—</p> <p>hbàÛ‘ÉÎC‡xTì<:<9 ›8<em>< ß)1Saw­Âî:pÌ}TjŒ‡uË^æöÊÿ0•Ûk·êž§hș⭚ÏÞ¨¢T½RqIž(UüɃס–Ñ8ãn÷ï4D|Ÿ#GŽ"¯A±"ßôô1dCSˆí]H"²Î¼lé L«È~GiŽ±»%/îq8Ãßþ7½À½ì%Áú춬 »Ùë£çiìü'+}é–‹š„’åy€\I”ÄW]ô3TrPÝ°Ñྋ™t™ž;„ÁËffŽ;6c ±¤´ì£×ˆ_ˆÄÂ&i•¥×hüîIbÇC¥î•[,Ôˆè¼ûíVÂîøÁ›6 ;`7ìü†Àʁ š„’%°:Ž"®rƒ ºì•§ÅÏY½fíÞÀ¨˜øY!"'BÞ 2é25…° ×DÈ­|3…˜¾/CÎz¬0®GZå×éØ1§C¨D{Y€ãNôºŠŒ¸¼uÇÅoÝyñŸ™]ò6Ù]cÏÓ>؇¨L9Ð×µ(™Wr—4áxÝ…¤sTg¼þñ»…3"¢Bº|W âÓOœ<É_? "Á?~ü„ºé É bJÖ[r•%lB<°|§cG¡Rõ8œJ ,Ö;ÜÞ…ÝÍl•£WßU÷û®‹9S…&ÞÖ‚òVö¡ŠKj9âKB²Š ú û!—=ü+¹Àm—=ƒCOœ8y® âsÏœ9ƒŠ‚ƒÃàj¦ƒÅ¯C¬DNR,Ë¥°ù4Ïwzv</em></p> <p><em><¸¿ª¢¯¿ dÒˆK\Eå scÍãÌø6:̘Ê6vp“v¦Ã‡GG¡+z{Ÿpû{¥–ãJ®]Wˆ *9ãSŠ¼a5#~2û¢ŸÉU¿ËnwkEÛ)T Nà7Ÿrúôé¶6Ö㈤(ñP&!ÊÁSÅw•Š‰OœÏßȲÞË·8„{Jø¬²£ '\Ž£;8ÓÑDÄǬö=áþ!eLŽ¯ËΨfFüüJ‹ñþËïy~¹=ÂFôbÄÆ'"1ñ)==}ˆs-­pÁnülüp#ÄŒŒ,}ðTðqÝB‰O-¼RxíÖŠÚjÆÎßȈÀGìdp4ãcãÌ*vH5ö/½dŠ²§§¿qÏG,]Êßæ5ˆT¹3òˆjø„¢6œúúšBý‰ûËʿ÷ªÆ¦–¦æV@c'P±¬¼Â€ïJ->%ñ)¢gcÅíHõ  àé âÌoqÜ&ÊvV÷‘òÔãSKªV²"8«ë vÚyhVj¶iâÍò¦§¦5ûúžÄîSjáŒoßÅ"*j‘M ruºøJÔ‰¢Øwزîg4B¥š¾ŽXʺݏ«­k¨«oD¤œm#ÄаÑhÆZ]¨l_FÊSÉŠ÷½ªâ“zïÜ‚føT¹b…‘"·Ã‡›ë¯œŸÐÕ××_XXˆ ö•´"û“žÿÛ÷iœQŽ¨zˆBØP‰ÁŠýËþ•H+î{¼L!î ¡!‹ªÐKáÚÍÍ-5µõ€ J ¡2ÄŠÊ*ñ=Y›çý—+eû£¼p ´4«««KKKQ ˆñ¾ Ä÷­AdÂF)1Pìã‡?¦ªžE†»‡·)D1Œ?/¿p¡$ ç±²ªºê@ ¢ìêîÑA¬®©ñ󲥿’ÒW/HîÏ)e;Sà$ ]´øpN@p|ÂõLØ8…ÑáÙÌBSEYVV¶ÿþŽŽS‚ˆ-RÒ¢" ¥Nä-6BÕP,}àŠë¿[ÄR1PJ†ˆX*n¨™šš:7$ „t©¨<ˆM͝]ÝÔš-CtÚ±S–`ñóÁ«ôéïß V8@ÈQîøpN::;mà3u=…mjG¸ÙD‰ü[^^ˆMMMÖ ˆ[¬AdêT­_¾E‘¦"!bé¶íÎòl¢¸+ª¸¤ôì݈äN7÷`ÔoÍ–!æäækô§!~*ê‰~Åm¬~ëÖŠŇsÒÙÙi ܼ­½S±ÅÚë:{kjj©¬¨Äææf bÿ€Q §¼Ä`u"µØ0Us‹šo`Jà%–ʺg„ˆXJ÷'ú¥ª°iY ¢Ž­Ù2ÄÏÖ®·4¿þ¤òÇÏï='ÒßmL³!ý1Æر¢UU¢m‚:OÔQm±áª†%Dc,½ÿrÑÚæà¸]7ï A„IJòŠ³qC8 ®>k 6·°¶PÄ”Ôt1ÎS¦?Y¿ƒ6~jÒŸ„ïC†ïÇŸ<ÐÙÙ%)OCð”#§.l9:yT¶©#dSS_šdf9¤¥¹åÀj‚8+Á¯ŒÂæ=QìKªÆKÕâºôák/XråO¼NHxœ"|“n÷FÝqòäü;ñ¿øâÀ*)-DȨPjЖ!Zq@¡?¥ø)ÒÔáŸãûˆá»t5'¨-¬á“sÜ¬àŽªfJ“Ž­©©…J#ˆ8cöBP!¾/ Ê Q©-º”j¸¤ÝO[·g DqÏ>NõWóª Ù˜'àzÅ%û±¶*¦U1#3[€úS-´éð-úñÇ÷ߥkƒ ¦Ée6K-óY,½‰±‘%Í’«.Y|µÈ†tW”"jCš=#m_æ©S§æá†ø†ÃÃ#…E¥EÅ¥ˆ¢¨©KB†¸mûÈÌ-l|éOmü$ õ"ð]úéx´Q|ŠÆ1=>«ì,°¦¦MGG!«¢œkkëfffæ1Î÷ߌ±”t)~>IJÙpç.Wã\p JS  '>|x®-¥Ô[[ßPPXˆ4S"Ô© RÔ: "`HJñSJ—®¾Å—~¶¤‹Ôâ›°Ÿ`'HM6£šòŒåÀÀ@CCƒžØÓÓ348„¯sôèQÄ"{ J ‘ÅRE—šº!²áb– Emh:¡Ÿ˜Çæ@u 2Úœ‚øôôta1M©TRS[‚:ˆ~þ–PvÀ'ŒÈéOKü>‹^úÙƒŒ Yüäø&'fç73›)(q`gª‰</em></p> <p></body></html></div> <p><img src="http://pixel.quantserve.com/pixel/p-89EKCgBk8MZdE.gif" border="0" height="1" width="1" /><br /> <a rel="nofollow" href="https://www.sans.org/reading-room/whitepapers/threathunting/threat-intelligence-is-effectively-37282">SANS Information Security Reading Room</a></p> <!-- /article-content --> </div> <div class="cleared"></div> <div class="romeo-postfootericons romeo-metadata-icons"><span class="romeo-postcategoryicon"><span class="categories">Posted in</span> <a href="http://www.ineedachick.com/category/uncategorized/" rel="category tag">Uncategorized</a></span> | <span class="romeo-posttagicon"><span class="tags">Tagged</span> <a href="http://www.ineedachick.com/tag/effectively/" rel="tag">Effectively</a>, <a href="http://www.ineedachick.com/tag/intelligence/" rel="tag">intelligence</a>, <a href="http://www.ineedachick.com/tag/threat/" rel="tag">threat</a></span> | <span class="romeo-postcommentsicon"><a href="http://www.ineedachick.com/threat-intelligence-what-it-is-and-how-to-use-it-effectively/#respond">Leave a comment</a></span></div> </div> <div class="cleared"></div> </div> </div> <div class="romeo-box romeo-post post-402 post type-post status-publish format-standard has-post-thumbnail hentry category-ransonware tag-application tag-critical tag-effectively tag-five tag-provider tag-security tag-selecting tag-steps tag-testing" id="post-402"> <div class="romeo-box-body romeo-post-body"> <div class="romeo-post-inner romeo-article"> <div class="romeo-postmetadataheader"><h2 class="romeo-postheader"><a href="http://www.ineedachick.com/five-critical-steps-to-effectively-selecting-an-application-security-testing-provider/" rel="bookmark" title="Five Critical Steps to Effectively Selecting an Application Security Testing Provider">Five Critical Steps to Effectively Selecting an Application Security Testing Provider</a></h2><div class="romeo-postheadericons romeo-metadata-icons"><span class="romeo-postdateicon"><span class="date">Published</span> <span class="entry-date" title="1:02 pm">August 2, 2016</span></span> | <span class="romeo-postauthoricon"><span class="author">By</span> <span class="author vcard"><a class="url fn n" href="http://www.ineedachick.com/author/devin-roy/" title="View all posts by Devin Roy">Devin Roy</a></span></span></div></div><div class="avatar alignleft"><a href="http://www.ineedachick.com/five-critical-steps-to-effectively-selecting-an-application-security-testing-provider/" title="Five Critical Steps to Effectively Selecting an Application Security Testing Provider"><img width="128" height="128" src="http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones-150x150.jpg" class="attachment-128x128 size-128x128 wp-post-image" alt="" title="Five Critical Steps to Effectively Selecting an Application Security Testing Provider" srcset="http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones-150x150.jpg 150w, http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones-300x300.jpg 300w, http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones-768x768.jpg 768w, http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones-1024x1024.jpg 1024w, http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones.jpg 1080w" sizes="(max-width: 128px) 100vw, 128px" /></a></div> <div class="romeo-postcontent"> <!-- article-content --> <div> <hr class="space"/> <div class="author"><img alt="" src="http://www.ineedachick.com/wp-content/uploads/2016/08/headshot-neiljones.jpg" class="avatar avatar-70 photo" height="70" width="70"/> </p> <p class="author_name">Neil Jones</p> <p class="author_title">Market Segment Manager for Application Security</p> <p class="author_bio">Neil currently serves as IBM's world-wide Market Segment Manager for Application Security. He possesses more than 10 years of experience in the IT security space, and has worked in...</p> <p> See All Posts</p></div> <p>As you can imagine, the application security testing industry has changed markedly since 2014. Cloud-based testing has become extremely popular as organizations have become more comfortable testing their applications using cloud-powered technology.</p> <p>Meanwhile, a growing number of businesses now view application security testing as a means to improve their security risk management preparedness and to promote DevOps efficiency, rather than solely focusing their attention on the technical findings of a single scan or two.</p> <p>Below are five critical steps for selecting an application security testing provider:</p> <h2>1. Familiarize Yourself With Application Security Testing Market Leaders</h2> <p>This is a critical first step in the process, and fortunately it’s also an extremely easy step to complete. We offer two complimentary industry analyst reports that you can review: the “2015 Gartner Magic Quadrant Report for Application Security Testing” and “The Forrester Wave™: Application Security, Q4 2014.”</p> <p>That industry research is well-respected by organizations around the world and can provide you with the baseline information that you require.</p> <h2><strong class="c2">2. Get Up to Speed on Application Security Risk Management</strong></h2> <p>Application security is no longer about simply scanning applications. Rather, it’s about improving your organization’s risk management profile. We offer two key resources to get you up to speed quickly on this important topic:</p> <ul type="disc"> <li>Risk Management E-Guide: This comprehensive e-guide provides five convenient steps to create an application security discipline within your organization.</li> <li>Ponemon Institute’s State of Application Security Risk Management report: This detailed report distinguishes organizations’ actual risk management practices from urban legends frequently associated with the topic.</li> </ul> <h2><strong>3. Test Drive Before Purchasing</strong></h2> <p>There are many factors to consider when making an application security purchasing decision. Your organization may conduct a variety of testing techniques, such as static application security testing (SAST), dynamic application security testing (DAST) and interactive application security testing (IAST). You may also need to decide whether an on-premises or cloud-based solution (or a combination thereof) constitutes the optimal fit for your particular implementation.</p> <p>One of the best ways to evaluate potential vendors is to participate in their free trial offerings when available. To support your evaluation efforts, you can test drive our IBM Security AppScan Standard and Application Security Testing on Cloud options free of charge.</p> <p>In addition, you can view brief, guided demo videos on YouTube that will educate you about configuring and running application security scans with AppScan Standard and scanning Android applications with IBM Application Security on Cloud. That way, your technical team can get a bird’s-eye view of how application security testing solutions can help them improve efficiency, potentially lower costs and focus on key initiatives.</p> <h2><strong>4. Prepare a Business Case for Your Executive Team</strong></h2> <p>In a recent Ponemon Institute report, 60 percent of survey respondents confessed that their management teams underestimated potential application security risk, which jeopardized their ability to be fully effective at combating it. But the stark reality is that they, like you, rely on executive management for budgetary support and project prioritization.</p> <p>As a security professional, you know the business value of testing applications for potential vulnerabilities prior to releasing them. However, solid financial benefits are much more challenging to come by.</p> <h3>Measuring Financial Benefits</h3> <p>With that in mind, IBM recently released a new study conducted by Forrester Consulting titled “The Total Economic Impact™ (TEI) of IBM Security AppScan Source.” The goal of Forrester’s independent TEI study was to assess economic and business benefits of an organization’s purchase of IBM’s application security testing solutions.</p> <p>The IBM client participating in the study was a large, global enterprise that currently utilizes IBM Security AppScan Source. AppScan Source permits the client to perform SAST in its application development environment.</p> <p>The study revealed significant financial benefits of an AppScan Source deployment:</p> <ul> <li>An estimated ROI of 253 percent: Forrester defined ROI as a measure of a project’s expected return in percentage terms.</li> <li>A payback period of only six months: Forrester defined payback period as the breakeven point for an investment in AppScan Source. The payback period is achieved when the net benefits of a project (its benefits minus its costs) is equal to the organization’s initial investment.</li> <li>AppScan Source permitted IBM’s client to conduct code review and vulnerability remediation at a much earlier stage in the development process, resulting in a 90 percent cost savings compared to remediating findings at later stages in the development life cycle.</li> </ul> <p>We encourage you to utilize this resource to help quantify benefits of a potential investment in application security testing for your executive team.</p> <h2><strong>5. Review Customer Testimonials and Case Study Content</strong></h2> <p>It can be extremely challenging for security providers to convince organizations to participate in customer testimonials or case studies because of the confidential nature of their security deployments. However, nothing is more valuable than a firsthand perspective from an application security testing provider’s client. For this reason, you should confirm that your provider has current case study information available for you to peruse.</p> <p>Here are recent examples from our application security testing client base:</p> <h3>Turkish Retail Giant</h3> <p>In this video, you’ll learn how a large retailer in Turkey utilizes application security testing and security information and event management (SIEM) solutions to support rapid business growth, and protect its business and clientele from evolving security threats.</p> <h3>Travel and Expense Software Provider</h3> <p>In this short video, you’ll find out how the organization leverages IBM Security AppScan to conduct application security testing for source code and production code to protect clients’ privileged travel and expense reporting information from potential attackers. You’ll also find out why the company’s contact wanted to give his IBM service contact “a big bear hug.”</p> <h3>Major Insurance Provider</h3> <p>This video explains how a major insurance provider utilizes IBM’s data security and application security testing solutions to continuously monitor and audit access across databases, warehouses and big data environments, and enforce its security policies in real time.</p> <h3>Large Global Automaker</h3> <p>This online case study describes how a leading automaker selected IBM and IBM partner Arxan to help secure its connected car ecosystem by protecting its apps and dealer tools from potential hacking threats.</p> <p class="c3">Eager to learn even more about protecting your apps? Register for the Aug. 17 webinar </p> <p class="bottom_topics">Topics: Application Security, Application Security Testing, Forrester, IBM, IBM Security, Risk Management</p> </p></div> <p><img src="http://pixel.quantserve.com/pixel/p-89EKCgBk8MZdE.gif" border="0" height="1" width="1" /><br /> <a rel="nofollow" href="http://feedproxy.google.com/~r/SecurityIntelligence/~3/AqNc4gkx3ig/">Security Intelligence</a></p> <!-- /article-content --> </div> <div class="cleared"></div> <div class="romeo-postfootericons romeo-metadata-icons"><span class="romeo-postcategoryicon"><span class="categories">Posted in</span> <a href="http://www.ineedachick.com/category/ransonware/" rel="category tag">Ransonware</a></span> | <span class="romeo-posttagicon"><span class="tags">Tagged</span> <a href="http://www.ineedachick.com/tag/application/" rel="tag">Application</a>, <a href="http://www.ineedachick.com/tag/critical/" rel="tag">Critical</a>, <a href="http://www.ineedachick.com/tag/effectively/" rel="tag">Effectively</a>, <a href="http://www.ineedachick.com/tag/five/" rel="tag">Five</a>, <a href="http://www.ineedachick.com/tag/provider/" rel="tag">Provider</a>, <a href="http://www.ineedachick.com/tag/security/" rel="tag">security</a>, <a href="http://www.ineedachick.com/tag/selecting/" rel="tag">Selecting</a>, <a href="http://www.ineedachick.com/tag/steps/" rel="tag">Steps</a>, <a href="http://www.ineedachick.com/tag/testing/" rel="tag">testing</a></span> | <span class="romeo-postcommentsicon"><a href="http://www.ineedachick.com/five-critical-steps-to-effectively-selecting-an-application-security-testing-provider/#respond">Leave a comment</a></span></div> </div> <div class="cleared"></div> </div> </div> <div class="cleared"></div> </div> </div> </div> </div> <div class="cleared"></div> <div class="cleared"></div> </div> </div> <div class="romeo-footer"> <div class="romeo-footer-body"> <div class="romeo-footer-center"> <div class="romeo-footer-wrapper"> <div class="romeo-footer-text"> <a href="http://www.ineedachick.com/feed/" class='romeo-rss-tag-icon' title="I Need A Chick RSS Feed"></a> <p>Copyright © 2020. All Rights Reserved.</p> <div class="cleared"></div> <p class="romeo-page-footer"></p> </div> </div> </div> <div class="cleared"></div> </div> </div> <div class="cleared"></div> </div> <div id="wp-footer"> <script type='text/javascript' src='http://www.ineedachick.com/wp-includes/js/wp-embed.min.js?ver=5.4.2'></script> <!-- 40 queries. 0.308 seconds. --> </div> </body> </html>