WEB application security

Externally certified

We recognize that by being supplier of security and authentication software, our clients puts a level of thrust into our hands. To live up to these requirements all SW-development and testing aims at securing the highest WEB-application security standards.

We recognize and accept the leading international WEB-application security standards formulated by multiple organizations:

The latest version of FastPass 3.5 has been tested against the tough requirements from all three standards by Indusface Pvt.Ltd. Indusface is an authorized scanning vendor and is used by more than 700 large companies and SW-developers world-wide to assure that WEB-applications are safe for users and organizations.

The scanning of FastPass included more than 5000 different types of attacks against the FastPass Cloud configuration.

The conclusion of all the tests is:

The application FastPass Password Manager v. 3.5.2 is free from any severe vulnerability threat and safe to carry out transaction. The Web Client and the Mobile Client for the FastPass system was found to be very secure as no vulnerabilities were uncovered in this security audit. The environment is tested against OWASP and SANS guidelines and the application was found safe against them. The tested environment passes the PCI scan requirements. Vulnerabilities with a risk level of medium (CVSS level 4.0) or higher were NOT discovered. The overall security level is noted as Very High

The security is attained using FastPass 3.5.2 (all product and Cloud configurations) combined with FastPassCorp hardening recommendations as documented in FastPass installation Manual.

FastPassCorp is committed to a continued emphasis on the highest security standards for the development of all our enterprise password self service SW-products and Cloud services for our customers.

See the Conclusion from Indusface: link to document

Get the full test document from Indusface: link to documents page

The PCI Security Standards Council

The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

The PCI Security Standards Council touches the lives of hundreds of millions of people worldwide. A global organization, it maintains, evolves and promotes Payment Card Industry standards for the safety of cardholder data across the globe.

Who We Serve

We serve those who work with and are associated with payment cards. This includes: merchants of all sizes, financial institutions, point-of-sale vendors, and hardware and software developers who create and operate the global infrastructure for processing payments.

What We Do

There are two priorities for our work:

  • Helping merchants and financial institutions understand and implement standards for security policies, technologies and ongoing processes that protect their payment systems from breaches and theft of cardholder data.
  • Helping vendors understand and implement standards for creating secure payment solutions.

OWASP

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. You’ll find everything about OWASP here on or linked from our wiki and current information on our OWASP Blog. OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. We ask that the community look out for inappropriateuses of the OWASP brand including use of our name, logos, project names and other trademark issues.

There are thousands of active wiki users around the globe who review the changes to the site to help ensure quality. If you’re new, you may want to check out our getting started page. As a global group of volunteers with over 42,000 participants, questions or comments should be sent to one of our many mailing lists or directed to the OWASP Contact Us Form.

SANS Cyber institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.

”We strive continuously to improve our service. It is important to us to deliver modern and simple solutions helping customers to a more efficient operation. The cooperation with FastPass is yet another step in this direction”.

Mads Jacobsen
 Associate vice president

... seen an 80% reduction in assisted password resets. We’re very satisfied with the product. It has significantly freed us up from frustrating and unrewarding password resets

Oliver Holmes

Deputy Director, Technology and Operations

... The numbers have grown to the point that it would be impossible to operate in today’s busy environment without a password management service

 

 

FastPass handled 2,531 password calls, or more than 80% of the total password calls from all the users.

Per Kristensen

Project manager

 

...we have met our Customers’ Service and Cost Improvement challenges by reducing our call abandon rates by over 55% and our average wait times by over 60%, despite our overall budget being reduced.

Pete Townley

Lead Service Delivery

 

… about 90% use FastPass to reset their passwords. So we’ve seen a substantial reduction in calls to the help desk.

Winston Hughed

Vice President IT

 

We are very pleased with the product.  Fast pass has simplified password management and eliminated many password related calls

 

Chuck Mick

ERP Manager

Nyrstar has chosen FastPass to automate and improve the processes related to users’ forgotten passwords. This has improved user satisfaction and reduced the workload in the IT HelpDesk.

The number of forgotten passwords per involved user per year has dropped from 1,6 to 0,3. This is an improvement of 83%!

Hans Lauwers

SAP

 

... The numbers have grown to the point that it would be impossible to operate in today’s busy environment without a password management service

Haydn Tarr

 IT Technical Lead & Coordinator

 

Our employees use it to synchronize their Windows password with their IBM i password when they need to be changed every 90 days due to compliance. We find this is a quiet, behind-the-scenes way for our employees to change and remember their passwords.”

Larry Marxen

Director of Information Systems

 

North America T: +1 (212) 419-4921

Europe T: + 45 4810 0410

FastPassCorp A/S 1350 Avenue of the Americas, 2nd Floor, New York, NY 10019, USA FastPassCorp A/S Lyngby Hovedgade 98Kgs. Lyngby, DK 2800 Denmark

© FastPassCorp A/S. All Rights Reserved.