ThreadFix 1.1 Released

ThreadFix_72
ThreadFix 1.1 (final) is now available for download! You can pick up the ZIP (demonstration) install from the Google Code downloads site or you can pick up the VM image (for production use).

There were a whole lot of new features added and bugs updated during the 1.1 development cycle. You can see a full list of the Release 1.1 changes in the Google Code issue tracker. Some highlights include:

I wanted to extend a personal thanks to the invidivuals and organizations who have helped ThreadFix get to this point by providing funding, sending feedback, submitting bugs and otherwise just being a part of the growing ThreadFix community. Hearing from ThreadFix users is thrilling, occasionally humbling and always valuable for us. Feedback is the breakfast of champions, so we really appreciate hearing the good, bad and the ugly.

Looking to keep track of ThreadFix? Here are some resources:

We also sent out a press release for the occasion and the text of that release is:

Denim Group releases Vulnerability Management Platform ThreadFix 1.1 With More Enterprise-Class Features to Meet Customer Demand

ThreadFix Aggregates Disparate Vulnerability Test Results And Delivers A Prioritized List of Software Defects To The Development Team To Secure Applications Faster & More Easily

SAN ANTONIO, TX – March 25, 2013Denim Group, the leading secure software development company, today announced ThreadFix 1.1, an intelligent open-source application management platform that imports test results from a variety of testing tools to present a centralized view of the security status of corporate applications throughout the organization.  ThreadFix 1.1 has been upgraded with a variety of enterprise-class capabilities, all sponsored by large organizations eager to adopt this innovative platform into their organization to speed up the securing of their customer-facing and internal applications.

“Large organizations are seeing the value of consolidating duplicate vulnerability information generated by overlapping reports into a centralized dashboard, enabling their teams to release applications into the marketplace that are not only feature-rich but resilient and secure,” said Dan Cornell, Denim Group CTO.  “Having access to all the available information about a given vulnerability in one spot improves the communications conduit between the developers and security team to such a level that productivity is increased without sacrificing quality, and that’s a win-win for the whole industry.”

ThreadFix imports dynamic, static and manual testing results into a centralized console that removes duplicate findings across multiple testing platforms to provide a prioritized list of the security vulnerabilities for each corporate application.  These results can be quickly exported into defect trackers used by the company’s software developers, injecting these security tasks into their regular work flow.  ThreadFix also uses this vulnerability data to automatically generate web application firewall and IDS/IPS rules that ensure sensitive corporate data is protected during the application repair process. Based on alerts from these virtual patch rules, ThreadFix also tracks current attack attempts, enabling the system to provide a real-world view of the criticality of individual vulnerabilities. Finally, ThreadFix provides trending reports, enabling team members as well as management to track and improve productivity over time.

The new version of ThreadFix is now compatible with several sophisticated tools to better fulfill the needs of enterprise-wide application development teams.  For example, in addition to the Bugzilla and JIRA bug trackers, ThreadFix’s prioritized and aggregated results can now also be exported into Microsoft Team Foundation Server, the collaboration platform at the core of Microsoft’s application lifecycle management used in many enterprises.  As a result of this integration, it is much easier to work with both the developers and the security analysts as both teams continue to use tools they already know.  The integration of both the NTOSpider and IBM Security AppScan Enterprise dynamic analysis testing platforms as well as the static analysis IBM Security AppScan Source tool enables ThreadFix to now import testing results from more than 20 software security testing tools and services, making ThreadFix useable to a wider number of organizations.

ThreadFix 1.1 also offers a tighter integration with Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory (AD) authentication protocols enabling ThreadFix to be better integrated inside of the enterprise workflow. As a result, ThreadFix users can now be included in the centralized enterprise management system provided by LDAP and AD to manage user accounts.  The corporation’s software developers and security experts that use ThreadFix across the enterprise will no longer need to manage multiple users IDs and passwords.  The integration also allows access rules to be applied based on a “need-to-know” basis to better reflect real-world team roles to further improve the organization’s overall security posture.

ThreadFix also now allows security and development teams to add comments and context to individual vulnerability content, enabling meaningful two-way communications that enhance the quality of remediation efforts.  The individualized notes decrease team distractions while improving internal communication about the code’s content.  The result is shorter development and test cycles, once again, accelerating the application vulnerability resolution process.

With these multi-tool and multi-team capabilities, ThreadFix is setting the standard for application security management within organizations of all sizes.  Initially released in September of 2012, the open-source application has been downloaded over two thousand times and has been used to successfully reduce the time required to fix critical application software vulnerabilities. The product’s growing momentum with several Fortune 500 and government organizations demonstrates how large enterprises are embracing ThreadFix as a critical enabling platform to more effectively manage application software security programs.

Immediately available, ThreadFix 1.1 can be downloaded through the following link:  http://www.denimgroup.com/threadfix.  Denim Group also offers additional commercial support and implementation services for organizations deploying ThreadFix. To learn more, contact Denim Group at sales@denimgroup.com or (210) 572-4400.

About Denim Group

Denim Group is the leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. What makes Denim Group unique is that the company brings significant core competencies in software security to the table, offering an innovative blend of secure software development, testing and training capabilities that protect a company’s biggest asset, its data.

Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries. Its depth of experience building large-scale software development systems in a secure fashion has made the company’s leaders recognized experts in their fields. Denim Group has been recognized as one of the 5,000 Fastest Growing Company’s by Inc. Magazine five years in a row, and has won multiple awards including its recent accolades as one of the best places to work in San Antonio. For more information about Denim Group visit http://www.denimgroup.com.

###

Denim Group is a registered service mark of Denim Group, Ltd. Other names and brands may be claimed as the property of others.

Contact us for help managing your software security program with ThreadFix.

–Dan

dan _at_ denimgroup.com

@danielcornell

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

89 Responses to “ThreadFix 1.1 Released”

  1. stairlifts

    There’s certainly a great deal to know about this topic. I really like all of the points you have made.

  2. ppi claims

    Hi there, yes this piece of writing is really pleasant and I have learned lot of things from it concerning blogging. thanks.

  3. ppi claims

    Good day! I could have sworn I’ve visited this blog before but after looking at some of the articles I realized it’s new to me. Anyhow, I’m definitely pleased I found it and I’ll be book-marking it and checking back often!

  4. ppi claims

    Wonderful blog! I found it while searching on Yahoo News. Do you have any tips on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Cheers

  5. ppi claims

    Hurrah! In the end I got a website from where I can actually take useful information regarding my study and knowledge.

  6. ppi claims

    Good post. I learn something totally new and challenging on websites I stumbleupon on a daily basis. It will always be helpful to read through content from other writers and use a little something from their sites.

  7. ppi claims

    I am truly pleased to glance at this webpage posts which contains tons of useful data, thanks for providing such information.

  8. ppi claims

    I was recommended this website by my cousin. I’m not sure whether this post is written by him as nobody else know such detailed about my problem. You’re amazing! Thanks!

  9. ppi claims

    Attractive section of content. I just stumbled upon your web site and in accession capital to assert that I get in fact enjoyed account your blog posts. Any way I’ll be subscribing to your feeds and even I achievement you access consistently fast.

  10. ppi claims

    Wow, that’s what I was exploring for, what a information! existing here at this blog, thanks admin of this site.

  11. ppi claims

    Just wish to say your article is as astounding. The clarity in your publish is just spectacular and i can assume you’re an expert in this subject. Well along with your permission let me to clutch your RSS feed to stay updated with impending post. Thanks one million and please carry on the gratifying work.

  12. ppi claims

    Stunning story there. What occurred after? Take care!

  13. ppi claims

    Pretty nice post. I just stumbled upon your blog and wished to say that I have really enjoyed surfing around your blog posts. After all I will be subscribing to your feed and I hope you write again soon!

  14. ppi claims

    I’m impressed, I have to admit. Seldom do I come across a blog that’s both educative and interesting, and without a doubt, you have hit the nail on the head. The issue is something which too few men and women are speaking intelligently about. Now i’m very happy that I came across this in my hunt for something relating to this.

  15. ppi claims

    I really like it whenever people get together and share thoughts. Great website, continue the good work!

  16. ppi claims

    Simply want to say your article is as astounding. The clearness in your post is simply cool and i can assume you’re an expert on this subject. Fine with your permission allow me to grab your feed to keep up to date with forthcoming post. Thanks a million and please continue the enjoyable work.

  17. ppi claims

    I’m not sure where you’re getting your info, but good topic. I needs to spend some time learning much more or understanding more. Thanks for fantastic information I was looking for this information for my mission.

  18. ppi claims

    You’re so cool! I don’t think I’ve truly read through anything like that before. So nice to find somebody with genuine thoughts on this topic. Seriously.. thanks for starting this up. This site is something that is needed on the internet, someone with some originality!

  19. ppi claims

    Very good site you have here but I was wondering if you knew of any forums that cover the same topics discussed here? I’d really like to be a part of community where I can get feed-back from other knowledgeable individuals that share the same interest. If you have any recommendations, please let me know. Cheers!

  20. ppi claims

    Hola! I’ve been reading your website for a while now and finally got the courage to go ahead and give you a shout out from New Caney Texas! Just wanted to tell you keep up the excellent job!

  21. ppi claims

    Hi there, I check your new stuff regularly. Your humoristic style is awesome, keep doing what you’re doing!

  22. ppi claims

    Excellent blog right here! Additionally your web site quite a bit up very fast! What host are you the usage of? Can I get your associate link in your host? I wish my web site loaded up as quickly as yours lol

  23. ppi claims

    I think this is one of the most vital info for me. And i’m glad reading your article. But wanna remark on some general things, The site style is great, the articles is really nice : D. Good job, cheers

  24. ppi claims

    Great beat ! I wish to apprentice while you amend your website, how could i subscribe for a blog site? The account helped me a acceptable deal. I had been tiny bit acquainted of this your broadcast offered bright clear idea

  25. ppi claims

    Hello, I enjoy reading through your post. I like to write a little comment to support you.

  26. ppi claims

    I loved as much as you’ll receive carried out right here. The sketch is tasteful, your authored subject matter stylish. nonetheless, you command get bought an shakiness over that you wish be delivering the following. unwell unquestionably come more formerly again since exactly the same nearly very often inside case you shield this hike.

  27. ppi claims

    It’s going to be ending of mine day, however before end I am reading this enormous article to increase my knowledge.

  28. ppi claims

    Heya i am for the first time here. I found this board and I find It truly helpful & it helped me out much. I’m hoping to provide one thing back and aid others like you helped me.

  29. ppi claims

    I couldn’t resist commenting. Perfectly written!

  30. ppi claims

    Hmm it appears like your site ate my first comment (it was extremely long) so I guess I’ll just sum it up what I wrote and say, I’m thoroughly enjoying your blog. I too am an aspiring blog writer but I’m still new to everything. Do you have any tips and hints for rookie blog writers? I’d definitely appreciate it.

  31. ppi claims

    Great article, just what I was looking for.

  32. ppi claims

    Hurrah! After all I got a web site from where I be capable of really take valuable information regarding my study and knowledge.

  33. ppi claims

    Very good info. Lucky me I came across your site by chance (stumbleupon). I’ve book-marked it for later!

  34. ppi claims

    An interesting discussion is definitely worth comment. There’s no doubt that that you ought to write more about this subject, it might not be a taboo matter but generally people don’t talk about such issues. To the next! All the best!!

  35. ppi claims

    We are a group of volunteers and opening a new scheme in our community. Your website provided us with valuable information to work on. You’ve done a formidable job and our entire community will be grateful to you.

  36. ppi claims

    each time i used to read smaller articles that as well clear their motive, and that is also happening with this paragraph which I am reading at this place.

  37. ppi claims

    Hi there! Would you mind if I share your blog with my myspace group? There’s a lot of people that I think would really appreciate your content. Please let me know. Many thanks

  38. ppi claims

    Hi! Would you mind if I share your blog with my zynga group? There’s a lot of folks that I think would really appreciate your content. Please let me know. Many thanks

  39. ppi claims

    Hello there, I found your blog via Google while looking for a related topic, your website got here up, it appears to be like good. I’ve bookmarked it in my google bookmarks. Hello there, just become alert to your weblog through Google, and found that it is truly informative. I am gonna be careful for brussels. I’ll appreciate in case you proceed this in future. A lot of people will probably be benefited out of your writing. Cheers!

  40. ppi claims

    Have you ever considered about adding a little bit more than just your articles? I mean, what you say is valuable and everything. However think about if you added some great visuals or videos to give your posts more, “pop”! Your content is excellent but with images and videos, this blog could definitely be one of the best in its field. Awesome blog!

  41. ppi claims

    I wanted to thank you for this wonderful read!! I definitely loved every little bit of it. I have you book marked to check out new things you post…

  42. ppi claims

    whoah this blog is fantastic i love reading your posts. Stay up the good work! You know, lots of people are looking round for this info, you could help them greatly.

  43. ppi claims

    Very nice article, just what I was looking for.

  44. ppi claims

    This paragraph is truly a fastidious one it helps new web visitors, who are wishing in favor of blogging.

  45. ppi claims

    We are a group of volunteers and opening a new scheme in our community. Your web site offered us with valuable information to work on. You’ve done a formidable job and our whole community will be grateful to you.

  46. ppi claims

    I am curious to find out what blog system you have been working with? I’m having some small security issues with my latest website and I would like to find something more safe. Do you have any recommendations?

  47. ppi claims

    Hello would you mind stating which blog platform you’re using? I’m going to start my own blog in the near future but I’m having a hard time choosing between BlogEngine/Wordpress/B2evolution and Drupal. The reason I ask is because your design and style seems different then most blogs and I’m looking for something completely unique. P.S Apologies for being off-topic but I had to ask!

  48. ppi claims

    You could definitely see your expertise in the work you write. The arena hopes for more passionate writers such as you who are not afraid to say how they believe. Always follow your heart.

  49. ppi claims

    Excellent goods from you, man. I have understand your stuff previous to and you’re just extremely great. I really like what you have acquired here, certainly like what you are saying and the way in which you say it. You make it enjoyable and you still take care of to keep it wise. I cant wait to read far more from you. This is actually a great site.

  50. ppi claims

    I’ve been exploring for a little for any high quality articles or weblog posts on this sort of area . Exploring in Yahoo I eventually stumbled upon this site. Studying this information So i am satisfied to express that I’ve an incredibly excellent uncanny feeling I discovered exactly what I needed. I so much for sure will make sure to do not omit this website and provides it a look on a constant basis.

  51. ppi claims

    Does your site have a contact page? I’m having trouble locating it but, I’d like to send you an e-mail. I’ve got some recommendations for your blog you might be interested in hearing. Either way, great site and I look forward to seeing it improve over time.

  52. ppi claims

    When someone writes an paragraph he/she maintains the thought of a user in his/her brain that how a user can know it. Thus that’s why this paragraph is perfect. Thanks!

  53. ppi claims

    Hey there, I think your blog might be having browser compatibility issues. When I look at your website in Opera, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, very good blog!

  54. ppi claims

    I have been exploring for a bit for any high quality articles or blog posts on this sort of space . Exploring in Yahoo I at last stumbled upon this web site. Studying this info So i’m glad to show that I have a very excellent uncanny feeling I discovered just what I needed. I so much undoubtedly will make certain to do not forget this site and provides it a glance regularly.

  55. ppi claims

    Hey, I think your blog might be having browser compatibility issues. When I look at your blog in Ie, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, terrific blog!

  56. ppi claims

    Hey, I think your website might be having browser compatibility issues. When I look at your blog in Ie, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, terrific blog!

  57. ppi claims

    Everything is very open with a clear clarification of the issues. It was really informative. Your website is useful. Many thanks for sharing!

  58. ppi claims

    Nice blog here! Also your site loads up fast! What host are you using? Can I get your affiliate link to your host? I wish my website loaded up as fast as yours lol

  59. ppi claims

    I’m really enjoying the theme/design of your site. Do you ever run into any internet browser compatibility issues? A few of my blog visitors have complained about my blog not working correctly in Explorer but looks great in Safari. Do you have any solutions to help fix this problem?

  60. ppi claims

    I used to be recommended this web site through my cousin. I am now not sure whether or not this post is written by him as no one else know such specific about my trouble. You’re amazing! Thank you!

  61. ppi claims

    Hi would you mind letting me know which webhost you’re working with? I’ve loaded your blog in 3 completely different internet browsers and I must say this blog loads a lot quicker then most. Can you recommend a good hosting provider at a reasonable price? Kudos, I appreciate it!

  62. ppi claims

    I don’t even know how I ended up here, but I thought this post was great. I do not know who you are but certainly you are going to a famous blogger if you aren’t already ;) Cheers!

  63. ppi claims

    We are a group of volunteers and starting a new scheme in our community. Your site provided us with valuable info to work on. You have done an impressive job and our whole community will be thankful to you.

  64. ppi claims

    I don’t even know how I ended up here, but I thought this post was good. I do not know who you are but definitely you’re going to a famous blogger if you are not already ;) Cheers!

  65. ppi claims

    Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your point. You obviously know what youre talking about, why throw away your intelligence on just posting videos to your blog when you could be giving us something informative to read?

  66. ppi claims

    Peculiar article, exactly what I wanted to find.

  67. ppi claims

    hey there and thank you for your information – I’ve definitely picked up something new from right here. I did however expertise a few technical issues using this site, since I experienced to reload the site a lot of times previous to I could get it to load properly. I had been wondering if your web host is OK? Not that I am complaining, but sluggish loading instances times will sometimes affect your placement in google and could damage your quality score if advertising and marketing with Adwords. Well I’m adding this RSS to my e-mail and can look out for much more of your respective intriguing content. Make sure you update this again soon.

  68. ppi claims

    Its like you read my thoughts! You appear to grasp so much approximately this, such as you wrote the e book in it or something. I feel that you simply could do with some p.c. to pressure the message home a little bit, but other than that, that is magnificent blog. An excellent read. I’ll definitely be back.

  69. ppi claims

    Hey there! I’ve been reading your weblog for some time now and finally got the bravery to go ahead and give you a shout out from Houston Texas! Just wanted to mention keep up the great job!

  70. ppi claims

    Fantastic beat ! I wish to apprentice while you amend your web site, how could i subscribe for a blog site? The account aided me a acceptable deal. I had been a little bit acquainted of this your broadcast offered bright clear concept

  71. ppi claims

    This is the perfect site for anyone who wishes to find out about this topic. You realize a whole lot its almost tough to argue with you (not that I really will need to…HaHa). You definitely put a fresh spin on a subject which has been discussed for many years. Excellent stuff, just wonderful!

  72. ppi claims

    Very energetic blog, I enjoyed that bit. Will there be a part 2?

  73. ppi claims

    I constantly spent my half an hour to read this weblog’s articles or reviews all the time along with a mug of coffee.

  74. ppi claims

    Hi friends, good article and pleasant urging commented here, I am in fact enjoying by these.

  75. ppi claims

    Marvelous, what a blog it is! This website gives helpful facts to us, keep it up.

  76. ppi claims

    You’re so awesome! I do not think I have read through anything like this before. So nice to find another person with original thoughts on this subject matter. Really.. thank you for starting this up. This site is something that is required on the internet, someone with a little originality!

  77. ppi claims

    I am curious to find out what blog system you happen to be utilizing? I’m having some minor security problems with my latest site and I’d like to find something more risk-free. Do you have any suggestions?

  78. ppi claims

    Touche. Solid arguments. Keep up the great spirit.

  79. ppi claims

    If some one wants expert view concerning blogging and site-building after that i suggest him/her to go to see this website, Keep up the nice work.

  80. conservatory prices

    Hmm is anyone else experiencing problems with the images on this blog loading? I’m trying to figure out if its a problem on my end or if it’s the blog. Any suggestions would be greatly appreciated.

  81. conservatories prices

    I’ve learn some just right stuff here. Definitely price bookmarking for revisiting. I surprise how much effort you set to make one of these excellent informative web site.

  82. conservatory prices

    Good information. Lucky me I came across your website by accident (stumbleupon). I’ve saved it for later!

  83. conservatory prices

    Saved as a favorite, I really like your website!

  84. conservatory prices

    What’s Going down i’m new to this, I stumbled upon this I’ve discovered It absolutely helpful and it has helped me out loads. I hope to give a contribution & aid different customers like its aided me. Great job.

  85. conservatories prices

    Greetings! Very useful advice within this article! It’s the little changes that produce the greatest changes. Thanks a lot for sharing!

  86. conservatory prices

    Thank you, I’ve recently been searching for info about this topic for ages and yours is the best I have discovered so far. But, what about the bottom line? Are you positive concerning the source?

  87. conservatories prices

    It’s remarkable to go to see this web page and reading the views of all mates concerning this paragraph, while I am also keen of getting knowledge.

  88. conservatories prices

    Hello, this weekend is nice for me, because this moment i am reading this wonderful informative article here at my house.

  89. conservatories prices

    I read this post completely regarding the comparison of most recent and preceding technologies, it’s remarkable article.

Leave a Reply

Your email address will not be published. Required fields are marked *