FOD Finance Relies on CTG for the Implementation of a Web Application Security Solution
FOD Finance is the Belgium federal government service that is responsible for the nation’s finances and taxation.
Challenges and Objectives
FOD Finance was looking for a partner to help protect the government information managed by its web applications. Its objective was to ensure that there were no security leaks by proactively tracking weaknesses in the applications before their acceptance and implementation. FOD Finance also wanted the ability to validate software applications with respect to the best-practice security standards of the Open Web Application Security Project (OWASP). Further, FOD required training of all users (quality controllers, application architects, and developers) on how to use the solution so that the organization would continue to see benefits.
CTG identified the HP Fortify Static Code Analyzer as the product that best met all of the client’s requirements. Thorough project preparation and a comprehensive project plan enabled CTG to fully meet the needs of FOD Finance. CTG then organized a number of workshops in order to prepare for the installation and configuration of the HP Fortify Static Code Analyzer solution, and delivered an implementation plan that included a summary of all the tasks that needed to be executed during the implementation. Finally, CTG provided intensive training for tool administrators, end users of the software, project leaders, and development team leaders.
The most significant project result for FOD after the build of the source code was the daily code analysis, carried out in an automated way and fully integrated with the development tool chain. Software developers quickly and easily received feedback on the security of their code, creating a smooth and secure path for the future development, implementation, and maintenance of FOD Finance’s web applications.