HID Global’s naviGO software receives Veracode’s highest possible 'A' security rating

HID Global's naviGO™ software version 1.37 has received Veracode's highest possible rating, 'A

HID Global, the trusted worldwide leader in providing solutions for the delivery of secure identity, today announced that its naviGO™ software version 1.37 has received Veracode's highest possible rating -- "A" -- for its application security level. Veracode's rating shows that naviGO has been tested against industry-standard benchmarks such as the Common Weakness Enumeration - CWE; Common Vulnerability Scoring System - CVSS; and the National Institute of Standards and Technology - NIST; to determine software weaknesses and vulnerability severity levels. naviGO is the only credential management software to receive the A rating, providing independent validation of naviGO code, by quantifying security risk identified in the application. naviGO users can be assured of the integrity of this key component of the HID on the Desktop™ solution, which conveniently improves risk management across the enterprise by using an organisation's existing physical access control cards to log into the IT infrastructure.

Mirroring the secure and convenient user experience popularised by the company's physical access control platforms, HID on the Desktop is a three-component solution (HID cards, readers and naviGO software) that delivers risk-appropriate authentication enabled by the use of a single credential for both physical and logical access. As part of the HID on the Desktop solution, naviGO software cost-effectively simplifies deployment of stronger authentication and manages the lifecycle of the user's authentication through credentials by HID, including contact smart cards (with digital certificates), high and low frequency contactless smart cards and Knowledge Based Authentication (KBA). The naviGO application has received the highest possible rating using the most stringent application security testing methods.

"As a leader in validating application security, Veracode's A rating supports our objective of creating trusted security solutions," said Brad Jarvis, vice president, product marketing, HID Global. "In addition to the convenience and cost-effectiveness of using HID credentials on the desktop, HID customers can rest assured that our naviGO software has been independently assessed by a trusted source against industry standards for software assurance."

naviGO is the only credential management software to receive the 'A' rating, providing independent validation of naviGO code, by quantifying security risk identified in the application

"Customers are demanding independent proof that the software they are purchasing is secure," said Matt Moynahan, CEO, Veracode. "Given the rapidly growing threat posed by insecure software, HID Global has established a leadership position in the market by demonstrating the security quality of the naviGO™ product through Veracode's SecurityReview® service. Customers have a choice when making software purchasing decisions and achieving the Veracode ‘A' rating provides a unique differentiator for HID Global and shows their deep commitment to responding to an increasingly important customer concern - the security and integrity of their critical data."

The Veracode rating incorporates business risk, so that critical applications like naviGO are rigorously evaluated in the context of the data they handle. This empowers enterprises to make informed risk-based decisions concerning software acceptance, purchasing and use. It demonstrates independent proof of software security to customers and enables compliance with internal and external compliance requirements.