Veracode a third-party testing solution provided PistolStar, Inc engineers with the insight for PortalGuard v5.6.4
Bedford, NH October 11, 2017
PistolStar, Inc, flagship product PortalGuard has recently gone through a successful penetration test. The penetration test was completed by Veracode, a third-party application testing company featured as a leader in the prestigious Gartner Magic Quadrant. PistolStar partnered with Veracode to expand the quality control of its product by outsourcing for a third-party validation.
Throughout the process Veracode performed two types of testing. The first one being manual penetration where humans inspect the application and associated traffic. Then Static Code Analysis, which is when a bug version of the compiled source code is uploaded to an automated service that evaluates all run-time executable “code paths”.
After the testing results PistolStar engineers came out with PortalGuard v5.6.4 equipped with new enhancements and features. There are two main features that highlight PortalGuard’s new version.
Password Prompting for Account Management Changes: As an optional security measure, admins can require end users to re-enter their password when making changes to their account settings. This can prevent the possibility of a user walking away from a browser with an active PortalGuard session and having a malicious user sit down and add a new phone that can be used for two-factor authentication or to reset a password.
Terminated Session Detection & Prevention: PortalGuard uses the standard ASP.NET session implementation which uses an encrypted cookie value to store the user’s identity and session expiration. PortalGuard now overcomes an inherent vulnerability in this by actively monitoring for and preventing the re-use of sessions that have been manually terminated/logged out.
PistolStar is committed to excellence in the CyberSecurity identity management industry and is excited to continue a long-lasting relationship with Veracode to perform its annual penetration testing.
PortalGuard, CyberSecurity authentication package delivers a full set of features in a single, fully customizable solution for all education institutions including K-12, colleges and universities. Consistently acclaimed, PortalGuard provides single sign-on (SSO), self-service password reset (SSPR), two-factor authentication (2FA), and over 120 other features to ensure that each organization is equipped with the tools needed to face any authentication challenge.
Veracode, CA Technologies application security business, is a leader in helping organizations secure the software that powers their world. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings help customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements, and cost effectively secure their software assets- whether that’s software they make, buy or sell.
Veracode serves over a thousand customers across a wide range of industries, including nearly one-third of the Fortune 100, three of the top four U.S. commercial banks and more than 20 of Forbes’ 100 Most Valuable Brands. Learn more at www.veracode.com, on the Veracode blog and on Twitter.
About PistolStar, Inc.
PistolStar, Inc. is an authority on secure portal architecture. Its solutions are built to adapt to changing circumstances. Its flagship product, PortalGuard, is a secure, central integration portal software that is suited to fit both on-premises and cloud-based environments. From secure single sign-on and self-service password reset to seamless integration and brandability, PortalGuard has brought phenomenal growth to PistolStar, Inc. This growth is also attributed to the team’s dedicated and responsive customer support. For over 17 years, PistolStar has provided its solutions to both companies and educational institutions.
PortalGuard Contact Information: