About Our Web Application Security Company

NT OBJECTives’ Company History

Our web application security company is staffed with a team of individuals who have substantial experience in the security community. NTO’s engineering team was part of the core development team that created Foundscan, the first next generation vulnerability scanner, while at Foundstone, a division of McAfee, Inc. In the summer of 2002, several of the core product team at Foundstone left to pursue common interests in developing the first comprehensive web application security solution truly capable of addressing the emerging application security threats.

The NTO Culture

Everyone on the NTO team is an industry expert and is encouraged to innovate to solve the needs of each unique complex problem. Because NTO has a corporate culture that respects each team member and allows him/her broad levels of autonomy, we have created a suite of innovative technology to solve problems that were previously thought impossible. Every team member in our web security company is regularly exposed to real customers, either as a silent participant in sales and/or support calls, working directly with customers on bugs or features, or reviewing details of why potential opportunities were lost. This first-hand exposure enables us to have a more informed and purpose-driven team that is inspired and motivated to strive to solve these issues and improve our web application security products.

The NTO Vision

NTO believes that web application security represents the greatest security challenge facing the information technology industry today. Millions of custom web applications have been developed in the past two decades. No two are alike and the expectations for enhanced customer and partner interactions often introduce numerous vulnerabilities.

Manual penetration tests, the traditional means to identify web application vulnerabilities, are too expensive to be a solution for most applications. Even if every enterprise had the funds to review all of its applications as infrequently as once a year, there are not enough trained pen testers to do a tenth of the work.

The logical solution is an automated tool. Unfortunately, first generation vulnerability assessment tools were not truly automated and therefore did not provide comprehensive web application security. The complexities of modern web sites, including JavaScript, forms processing, complex authentication and session management, resulted in these early scanners requiring significant user interaction to completely crawl an application. Many users, untrained in their use, did not crawl even a portion of their sites and overlooked significant security holes. Moreover, these scanners merely pointed out long lists of vulnerabilities and did not assist security teams in assigning and remediating these vulnerabilities.

The NTO Approach

Our web security company is dedicated to creating the most automated security testing software and tools to allow security teams to test their sites with minimal work and remediate them quickly and efficiently. It has assembled several of the top experts in application security product design, development and consulting. Our tools implement the best practices in web application penetration testing learned over hundreds of assignments.

The most efficient time to eliminate vulnerabilities is during the development process. NTO offerstraining and professional services to help clients implement best practices across their organizations so that comprehensive web application security is a fully-integrated part of the application architecture.

Product Overview

NTOSpider is designed to be the most comprehensive, fully-automated web application scanner on the market. Available as software and as SaaS, NTOSpider automates the process of authentication, session management, crawling and attacking. NTOSpider helps security teams as they communicate vulnerabilities to application development teams and works with them to ensure that they are remediated. Our comprehensive web application security scanner categorizes vulnerabilities by their root cause, and provides useful and visual reporting to better facilitate remediation efforts.

To learn more about our web application security company’s history, vision or suite of security testing software and consulting services, please call 1-877-NTO-WEBS. You can also request a free trial of NTOSpider online or browse our suite of security testing software.