Security Innovation Launches Industry’s First Certification Program Focused on Security in the Software Development Lifecycle

First customer adopts Security Innovation’s Secure Development Practices Assessment Certification (SD-PAC) to ecosystem of third-party ISVs

WILMINGTON, Mass., March 27, 2019 (GLOBE NEWSWIRE) -- Security Innovation, an authority in software security assessment and training, announced today the availability of the company’s new certification program specifically evaluating and certifying the application of security best practices in software development. A majority of companies rely on third party applications and code – including firmware code - that can introduce risk to end customer IT environments. Security Innovation’s SD-PAC provides thorough evaluation of a software product’s development process, aligns documented processes with best practices and certifies the development adheres to security best practices.

With 90 percent of attacks occurring at the software layer (source: DHS) and most software including third party code and components, there is a need to secure the entire supply chain for maximum protection. SD-PAC seeks to build in security throughout the design, coding, and testing of software encompassing seven security domains.

According to a recent Spiceworks study, while 83 percent of respondents had secured their PCs, and 55 percent their mobile devices, only 41 percent of respondents reported they had either network security, access control, data protection or endpoint security on their printers. The data illustrates a concerning gap in printer cybersecurity. In addition, a September 2018 Quocirca Enterprise Managed Print Services survey revealed that the second highest print infrastructure concern among customers is the applications and software running on MFPs and printers.

As such, HP Inc. is the first to adopt SD-PAC to ecosystem of third party ISVs, and  has already certified six (6) of the company’s printer-related software and firmware products, and encouraged its HP JetAdvantage Apps partners to attain the certification.

With an increasing amount of RFIs and RFQs expanding their requirements for print security, incorporating robust SDLC best practices into design, development, and testing of solutions has given HP and its partners a competitive edge. 

“SD-PAC is the first program in the cybersecurity industry to focus on the lifecycle aspect of software, not just a point in time vulnerability inspection,” stated Ed Adams, president and CEO of Security Innovation. “Together with our security assessment and training solutions, we remain committed to helping companies reduce enterprise risk where they are most vulnerable – their software applications,” continued Adams.

The SD-PAC certification is available now.  More information can be found on the Security Innovation website.

Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, CMD+CTRL Cyber Range, is the industry’s only simulated Web site environment designed to build the skills teams need to protect the enterprise where it is most vulnerable – at the application layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit or connect with us on LinkedIn or Twitter.

Security Innovation Media Contact:
Joshua Milne