Lockheed Martin is partnering with the SANS Institute to reduce cyber security vulnerabilities that may be introduced during software development. Through a new certification program and training initiatives, Lockheed Martin developers will be given new skills to further enhance the security of the code they write.

Initially, the SANS Lockheed Martin project will allow Lockheed Martin to assess the secure coding skills of 75 programmers, provide training to improve their skills, and certify its developers through a rigorous certification exam. Based on the results of the assessment and training, the program may be expanded to train a broader developer workforce.

"We are pleased to see Lockheed Martin adopt the GSSP certification and become the first systems integrator to provide its customers with assurance that the people building applications actually understand how to write secure code," said Alan Paller, Director of Research, SANS Institute. "Using industry standard certification for secure application development is essential to delivering secure solutions to customers," he said.

Lockheed Martin developers will be offered assessments, skills development, and certification for secure coding through the SANS Institute. The new Global Information Assurance Certification (GIAC) Secure Software Programmer (GSSP) examinations offered by SANS reliably measure mastery of the essential competencies for secure programming developed by the Secure Programming Council, a global consortium of individuals and organizations. The examinations use questions with real code examples, are currently available for Java, C and .NET developers, and are offered through SANS Institute.

"Lockheed Martin integrates all aspects of information assurance into every solution it delivers and continues to invest in proactive security measures," said Dr. Eric Cole, Senior Cyber Security Fellow, Lockheed Martin IS&GS. "We are committed to improving secure software development practices and are certifying our employees who are working in the area of cyber security on customer programs," he continued.

Secure coding best practices can reduce risk to Federal agencies that depend on Internet-facing web applications to deliver service to the citizen. Carnegie Mellon estimates that up to 90 percent of reported security incidents result from the exploitation of defects in software code or design.

Established in 1989, The SANS Institute is the trusted source for information security training, research and certification. With a community of more than 165,000 and over 15,000 students in 30 countries each year, it is also the largest. SANS also develops, maintains, and makes available at no cost, a large collection of information security related research documents and it operates the Internet's early warning system, The Internet Storm Center (www.isc.org).

Headquartered in Bethesda, Md., Lockheed Martin employs about 140,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services. The corporation reported 2007 sales of $41.9 billion.

First Call Analyst:
FCMN Contact:

SOURCE: Lockheed Martin