Forward Security: Standardized Processes to Application Security

Follow Forward Security on :

Farshad Abasi, Founder and Chief Security Officer
Forward Security is a growing Canadian cybersecurity startup with offices in Vancouver, Toronto, and Austin (TX), specializing in application and cloud security. The team is made up of seasoned security professionals who spent the first part of their career building software and now help with the security of software built by other developers. The company specializes in the security of anything code-related, from application to cloud security, and caters to mid-sized organizations in the finance, health, e-commerce, and technology sectors. “At Forward Security, we understand all the nuances of application, cloud, and information security. We use a systematic approach, leveraging standards-based and repeatable processes,” says Farshad Abasi, Founder, Chief Security Officer, Forward Security.

Abasi goes on to mention that historically, the focus of cybersecurity revolved around the network, infrastructure, identity, governance, and compliance. With the pandemic-induced digital transformation, more and more applications are created, which naturally result in increased attacks, calling the need for addressing application security specifically and diligently. When it comes to software security—a relatively new field in cybersecurity—companies are often road blocked by the challenge of insufficient knowledge or resources to run an in-house application security program. In addition, the traditional tools these organizations use do not cover the application layer threats and vulnerabilities, often resulting in a false sense of security. The usual application security challenges encountered by organizations building software include:

• Unclear understanding of what is needed to build an effective AppSec program

• Being required to get a “pentest” and not knowing how to choose the right provider or if pentesting is the right thing to do

• Lack of knowledge when it comes to the AppSec tools and processes such as threat modelling, and how to best incorporate them into the development processes

• Unable to hire AppSec SMEs due to shortage of such professionals

Forward Security addresses these by offering services that are based on industry standards, such as OWASP’s Application Security Verification Standard (ASVS), delivered by a best-in-class team who has been in the development trenches and provides advice based on experience.
This in contrast to other firms who provide such services often delivered by those who come from an infrastructure or other background, never having developed software and lack the deep domain expertise required to successfully help build and secure applications. “We have created an Application SecurityCenter of Excellence to help support our clients’ AppSec initiatives and continually improve the tools and processes involved in delivering the best application and cloud security solutions,” Abasi adds.


At Forward Security, we understand all the nuances of application, cloud, and information security. We use a systematic approach, leveraging standards-based and repeatable processes


Forward provides a positive environment, encouraging collaborative and continuous learning to ensure the team is on top of the latest application security trends and threat landscape. The collective knowledge of the team provides the ability to solve the most challenging application security problems for clients and deliver results where other providers may have not had the right skill set or experience to do so. Time and time again, Forward has won over clients, becoming their trusted partner by findings issues previous vendors were unable to identify, demonstrating leadership in this domain.

For the future ahead, Forward will continue to expand their offerings in Application and Cloud Security, grow their footprint in the US, and launch their Eureka DevSecOps platform in the Azure Marketplace later this year. The platform allows clients to centrally manage and view the results of all security tools used in their development process in a central location, in addition to having all data hosted in their environment to guarantee maximum privacy. “We are currently finalizing a private offering to do an internal alpha for select clients. It will be launched initially in the Azure marketplace and later on this year, it’ll be available for the public and management marketplace in other platforms like AWS,” concludes Abasi.

Company
Forward Security

Headquarters
Vancouver, British Columbia

Management
Farshad Abasi, Founder and Chief Security Officer

Description
Forward Security is a growing Canadian cybersecurity startup with offices in Vancouver, Toronto, and Austin (TX), specializing in application and cloud security. The team is made up of seasoned security professionals who spent the first part of their career building software and now help with the security of software built by other developers. The company specializes in the security of anything code-related, from application to cloud security, and caters to mid-sized organizations in the finance, health, e-commerce, and technology sectors.

Forward Security