High Marks For TAG On OWASP Security Audit

TAG Video Systems has received high marks for its security protocols following a rigorous and thorough two-part audit based on criteria developed by the Open Web Application Security Project (OWASP).

According to Paul Briscoe, TAG’s chief architect, the results of this audit are a testament to the Company’s success in providing heightened security to its customers.

“One of the hottest topics today is security,” explained Briscoe. “Our customers deserve to know that their systems are pristine and their most valuable asset – their content, is safe. TAG supports all the standard safety protocols such as HTTPS and FTPS, offers Proxy capabilities to prevent unauthorized Internet access, and is constantly integrating updated security levels into our MCM-9000. We welcomed the opportunity to be audited and we’re proud to announce that the audit verified the effectiveness of our safety protocols.”

The security of TAG’s software-based MCM-9000 Multiviewer and monitoring solution was the subject of the dual-phased audit. The first part, Penetration Testing, assessed the solution’s ability to withstand breach attempts aimed at harming the system itself, or at gaining access to other applications on the infrastructure. TAG’s MCM-9000 scored high marks, proving itself resistant to unauthorized access.

Phase two of the audit, developed by OWASP and known as the Application Security Verification Standard (ASVS), evaluated the MCM-9000’s ability to address and mitigate the TOP 10 most critical security risks facing web developers and applications, including: injection flaws, broken authentication and access control, sensitive data exposure, poorly configured XML processors, security misconfiguration, cross-scripting flaws, insecure deserialization, vulnerable components and insufficient logging and monitoring. Phase two examined the procedures that were undertaken to develop the software and the security processes implemented to safeguard the data against risks. TAG’s MCM-9000 was verified for compliance with ASVS Levels 1 and 2, the stages that address applications containing sensitive data.

“Our MCM-9000 not only met the criteria set forth by OWASP but surpassed expectations,” added Briscoe. “We’re beyond pleased that our customers can be secure in the fact that their data and internal systems, and in turn their revenues, are securely protected from content hackers. This confirmation goes a long way to providing peace of mind for content owners.” 

You might also like...

Essential Guide: Flexible IP Monitoring

Video, audio and metadata monitoring in the IP domain requires different parameter checking than is typically available from the mainstream monitoring tools found in IT. The contents of the data payload are less predictable and packet distribution more tightly defined…

Is Remote Operation Underrated?

A recent Lawo remote activities case study notes, “It should be obvious by now that remote operation has been seriously underrated. For some, it allows to save substantial amounts of money, while others will appreciate the time gained from not…

The Sponsors Perspective: PTP In LANs & WANs - An Essential Component In IP Broadcast Infrastructure

PTP - as a precise network timing technology has been available for nearly two decades. It is already widely used in Telecommunication networks, Finance and Trading platforms, substation automation networks and many more industries. Every industry has its own demands…

Essential Guide: Software IP Enabling Storytelling

Television is still a niche industry, but nonetheless, one of the most powerful story telling mediums in existence. Whether reporting news events, delivering educational seminars, or product reviews, television still outperforms all other mediums in terms of its ability to…

The Sponsors Perspective: Emerald - Moving The KVM Story Forward

KVM (keyboard, video, mouse) switching and KVM extension provide access to critical IT assets. They might be deployed to give desktop users access to multiple computers from a single console, keyboard, and mouse, or implemented by facilities to enable distribution…