Denim Group’s ThreadFix 2.7 Supports Flexible Structuring of Application Security Programs

SAN ANTONIO–(BUSINESS WIRE)–Denim Group, the leading independent application security firm, today announced availability of the latest version of ThreadFix, the company’s application vulnerability resolution platform for developers and security professionals. ThreadFix 2.7 unites Denim Group’s ThreadFix platform with their professional and managed services, providing customers the ability to request services directly from ThreadFix User Interface (UI) and have the results of these services delivered directly to their ThreadFix platform upon completion. This most recent update allows Denim Group’s customers to receive actionable data, rather than a stagnant PDF, enhancing communication effectively with their development teams for accelerated remediation of vulnerabilities.

“Our goal is to provide our customers with the freedom to easily build the application security programs they want”

Tweet this

ThreadFix 2.7 provides the flexibility and capability for any organization to tune their program for maximum effectiveness. Customers who require support to maintain an efficient application security program can seamlessly assign tasks, such as assessments and source code review, to Denim Group’s highly qualified team who provide on-demand testing and application vulnerability resolution. This enhanced service reduces the friction associated with implementing testing programs by allowing customers to request QuickCheck assessments directly through the platform. These assessments go beyond the simple automation that scanning vendors provide to include false positive culling and time-boxed manual testing.

“Our goal is to provide our customers with the freedom to easily build the application security programs they want,” said Dan Cornell, CTO and Principal of Denim Group. “ThreadFix 2.7 provides organizations with the viable option to outsource components of their programs in order to free up time and resources, enabling teams to focus on developing strategy, interacting with executives to get buy-in on managing software risk, developing security architecture around CI/CD pipelines, and working with development teams to threat model new applications.”

Additionally, the ThreadFix platform offers application portfolio reporting characterized by risk, along with information on the most recent assessment activity, in order to provide organizations with a program-oriented view of the applications being managed. This allows teams to clearly define risk as it relates to criticality of application, how severe the vulnerabilities are, when the last time the user ran a scan/assessment, and what vulnerabilities should be fixed first. This risk-centric view ensures that the organization can quickly identify the most serious issues and the most glaring blind spots.

The structuring of application security programs is challenging for organizations who are limited by budget, talent and knowledge. Through enhancements to ThreadFix, Denim Group is putting power back in the hands of the businesses, enabling them to grow their application security initiatives by amplifying the value of their team’s resources. ThreadFix 2.7 delivers a clearly defined view application portfolio risk and brings knowledgeable outsourcing resources so that all organizations can address software security.

For more information on the ThreadFix platform, please visit our website:

About Denim Group

Denim Group is the leading independent application security firm, serving as a trusted advisor to customers on matters of application risk and security. The company helps organizations assess and mitigate application security risk. Denim Group’s flagship ThreadFix platform accelerates the process of application vulnerability remediation, reflecting the company’s rich understanding of what it takes to fix application vulnerabilities faster.