HID Global, the trusted worldwide provider in solutions for the delivery of secure identity, announced that its naviGO software version 1.37 has received Veracode's highest possible rating -- “A” -- for its application security level. Veracode's rating shows that naviGO has been tested against industry-standard benchmarks such as the Common Weakness Enumeration – CWE; Common Vulnerability Scoring System – CVSS; and the National Institute of Standards and Technology - NIST; to determine software weaknesses and vulnerability severity levels. naviGO is the only credential management software to receive the A rating, providing independent validation of naviGO code, by quantifying security risk identified in the application. naviGO users can be assured of the integrity of this key component of the HID on the Desktop solution, which conveniently improves risk management across the enterprise by using an organization's existing physical access control cards to log into the IT infrastructure.
Mirroring the secure and convenient user experience popularized by the company's physical access control platforms, HID on the Desktop is a three-component solution (HID cards, readers and naviGO software) that delivers risk-appropriate authentication enabled by the use of a single credential for both physical and logical access. As part of the HID on the Desktop solution, naviGO software cost-effectively simplifies deployment of stronger authentication and manages the lifecycle of the user's authentication through credentials by HID, including contact smart cards (with digital certificates), high and low frequency contactless smart cards and Knowledge Based Authentication (KBA). The naviGO application has received the highest possible rating using stringent application security testing methods.
"In addition to the convenience and cost-effectiveness of using HID credentials on the desktop, HID customers can rest assured that our naviGO software has been independently assessed by a trusted source against industry standards for software assurance," said Brad Jarvis, VP of Product Marketing for HID Global.
"Customers are demanding independent proof that the software they are purchasing is secure,” said Matt Moynahan, CEO, Veracode. “Customers have a choice when making software purchasing decisions and achieving the Veracode "A' rating provides a unique differentiator for HID Global and shows their deep commitment to responding to an increasingly important customer concern – the security and integrity of their critical data.”
The Veracode rating incorporates business risk, so that critical applications like naviGO are rigorously evaluated in the context of the data they handle. This empowers enterprises to make informed risk-based decisions concerning software acceptance, purchasing and use. It demonstrates independent proof of software security to customers and enables compliance with internal and external compliance requirements.