CUTEK Partners with TraceSecurity to Secure its Nova and Loan Apps

Renewal Rates Exceed 95 Percent

MURRIETA, Calif. — January 27, 2010 — Financial technology provider, CUTEK, Inc., has partnered with security compliance and risk management solution provider, TraceSecurity, Inc., to enhance the security of the technology provider’s Nova Membership and Loan Applications.  Having already verified the security of CUTEK’s web applications, ensuring the applications are secure for credit union users, TraceSecurity can now perform a comprehensive penetration test for each credit union that signs up to implement a CUTEK application.  This individual penetration test will further ensure the security of each web application used by CUTEK clients.

According to Jim Stickley, CTO and Vice President of Strategy and Solutions for TraceSecurity, the Application Penetration test determines the feasibility of an attack, reveals any potential vulnerabilities within the application, and analyzes the effectiveness of the application’s existing countermeasures.
This is achieved by predefining a goal (i.e., circumvent existing application behavior and obtain critical data from the database) and reporting back as to whether that goal was achieved, documenting the exact process and providing proof of obtaining the defined goal.  This methodology includes both common and more advanced methods of hacking generally used in real-world scenarios.

TraceSecurity’s initial Application Penetration Test of the online banking application, Nova, resulted in an impressive rating of Above Average.  Stickley commented that “it is rare that that an application receives such a high rating on its first test conducted by TraceSecurity, and we were quite impressed with the overall security of the application.”

“TraceSecurity uses a ‘hand’s on’ method when performing Application Penetration Tests,” explains Stickley.  “We use a manual process, rather than automated scanners, to try and breach the application from outside the network…using the same methods real hacker would use.” 

“Having TraceSecurity conducting these security tests on our Nova and Loan applications ensures protection for the credit union users,” CUTEK President, Ron Murray, says. “Security is such a big issue in the financial services industry, it’s a huge benefit to have them partnering with us for our clients’ safety.”

TraceSecurity has found the manual approach allows their expert analysts to find vulnerabilities beyond what may revealed with only automated scanning tools.  Their testing methodology includes:

• Information gathering
• Vulnerability analysis
• Definition of secondary targets
• Exploitation and penetration attacks
• Results analysis
• Final analysis and documentation
• Special considerations

About CUTEK Inc.
CUTEK, located in Murrieta, Calif., is a financial technology development and consulting firm for credit unions. Operating nationwide, CUTEK was created so credit unions could expeditiously implement add-on modules and enhance the performance of their core processing systems with pre- and post-conversion services and operation enhancements. For more information on CUTEK, visit www.cutek.net.

About TraceSecurity
TraceSecurity is a leading provider of IT security compliance and risk management solutions. With 1,000 customers, TraceSecurity supports the security and risk management efforts of organizations in financial services, healthcare, insurance, government and other regulated sectors. The company helps organizations of all sizes to achieve, maintain and demonstrate security compliance while significantly improving their security posture. Key to TraceSecurity's success is the company's comprehensive patent-pending methodology that helps clients address all critical components of a successful security compliance program.

TraceSecurity delivers its solutions through an integrated Software-as-a-Service (SaaS) platform backed by expert professional services and comprehensive security awareness programs. The company's flagship offering, TraceCompliance Manager is the first comprehensive solution to integrate and automate regulatory compliance audits, policy management and dissemination, vulnerability assessment, vulnerability alerting and employee education and testing. TraceSecurity has also developed separate Risk Management and IT Audit Management solutions that can be integrated into the Compliance Manager.

The company's expert professionals provide comprehensive security assessments that include vulnerability assessments, penetration testing, application layer testing, IT audits and risk assessments. The team also provides security policy development, security awareness training and social engineering assessments. For more information, please visit www.tracesecurity.com.

# # #

Note: TraceSecurity is a trademark of TraceSecurity, Inc.

FOR IMMEDIATE RELEASE:
Dariel LeBoeuf
225-612-2153
dariel@tracesecurity.com