From The Expert Feature Article
June 03, 2013

Cenzic Bolsters Application Security Service

Most security managed service providers implement anti-malware, firewalls intrusion detection and prevention, access control – basically all manner of security tool and service.

Fewer help build security right into the applications themselves, especially customer corporate apps of which there are literally millions, and for which security is often a programming afterthought.

Where commercial companies like Microsoft (News - Alert) add security in from the start, and then patch like crazy afterwards, custom corporate apps are often like the Wild West, plenty of danger and precious little protection.

Cenzic is one of those security MSP exceptions, specifically targeting these applications. Last week the company enhanced its Managed Services for Enterprise Application Security (News - Alert).

The service can assess and then protect a range of application types, including Web, cloud and mobile apps. Applications can also be tested for compliance.

“The lines between Web, cloud and mobile are blurring, resulting in new, sophisticated and continuously changing online threat vectors. Today, enterprises simply do not have the luxury of investing specialized resources, time and budget to set up and manage dedicated security systems on a daily basis while trying to focus on their core business,” said Bala Venkat, chief marketing officer of Cenzic. “This managed offering helps lower capital expenditures and operating costs, while also allowing enterprises the assurance they are keeping up with the latest security threats to their business.”

Cenzic secures more than half a million online applications

The Cenzic service is completely automated, but relies on experts to do the vulnerability testing, which on the software side is driven by the company’s Hailstorm application vulnerability tool.

Once the experts find vulnerabilities, the service kicks in to recommend and implement risk mitigation procedures.

The company provides a bevy of services, starting with code analysis, which examines the program as its being built. Once the software is ready to be staged, it can be gone through again.

It can also perform penetration testing.

While we make it sound like Cenzic is all about custom apps, it can also test your overall environment, including legacy apps.

So what is the trick? “Cenzic's intelligent behavioral technology is the first to use behavioral, stateful and learning algorithms to ensure the highest accuracy for automated assessment of even the most complex applications,” the company argues.

A reasonably hot market

The MSP is hot on the trail of a reasonably hot market, at least according to the Cloud and CPE Managed Security Services report from Infonetics (News - Alert) Research.

The researcher looked at the overall market, of which Cenzic only targets the applications security portion.

Infonetics see these services are filling a critical gap that IT is unable to plug. “Buyers are moving to managed security services to deal with increased attack volume and complexity, manage security product sprawl, deliver consistent security for a distributed workforce and device population, and provide security for cloud infrastructure,” said Jeff Wilson, principal analyst for security at Infonetics Research (News - Alert).

The market is also growing up. “Manufacturers and service providers are developing more mature offerings to build out and deliver managed security to customers, and the net result is the market continues to enjoy healthy overall growth, with particularly strong growth for cloud-based services,” the analyst concluded.

Here’s how the market looks to Infonetics. “Equaling its 2011 performance, the global cloud and CPE managed security service market grew another 12 percent in 2012, to $13 billion,” the report found.

Edited by Alisen Downey