Tri-Guard Risk Solutions, Ltd. has a patented software weakness management system called SACRE (TM) that can help businesses succeed. For more information, please visit http://tgrisksolutions.com.
In order to meet the ever-growing threat of computer attacks and breaches initiated through exploitation of weaknesses in software, Tri-Guard Risk Solutions (T-GRS) Ltd., created SACRE ™. SACRE ™ stands for Software Assurance Compliance verification and Risk Evaluation and it is a patented software weakness management system. SACRE ™ performs software assurance analytics which includes proprietary mappings that increase performance, usability, and awareness of coding weaknesses. Also, SACRE ™ allows software developers to easily consolidate and normalize bugs, flaws, and defects detected by multiple static, dynamic, and hybrid analysis security testing tools. Studies show that more than 80 percent of computer attacks are traceable to vulnerabilities in software inadvertently placed there during the development cycle due to unattended software weaknesses. For more information, please visit http://tgrisksolutions.com.
The initial research was conducted under the Department of Homeland Security (DHS) Science & Technology (S&T) Directorate Long Range Broad Agency Acquisition program. Tri-Guard's Founder and CEO, Keesha Crosby, along with Dr. Robin Gandhi and Dr. Harvey Siy from the University of Nebraska Omaha (a renowned Software Assurance Academic Center of Excellence) teamed to conduct this ground-breaking research. Subsequently, in May 2016, DHS and the National Institute of Standards and Technology (NIST) released the research in NIST Special Publication 800-160 Appendix J entitled Software Security and Assurance. This Appendix J marks the first ever software security controls.
Tri-Guard’s SACRE ™ utilizes the software assurance controls to rapidly mitigate, prioritize, and detect software weaknesses for risk and compliance. Additionally, SACRE ™’s proprietary output and artifacts assist engineering professionals including Software Developers, Security Auditors, Compliance Officers, and Quality Assurance Engineers with authorization and accreditation needs. Significant performance improvements have also been made to SACRE ™ with funding from the Department of Energy’s (DOE) Small Business Technology Transfer (STTR) program. Tri-Guard was able to partner with DOE national labs during the initial feasibility phase of STTR.
T-GRS is a Virginia-based limited liability company. T-GRS specializes in software assurance, system security engineering, and risk management. The CEO of T-GRS, Keesha M. Crosby, has more than 20 years of practical experience in security and software engineering. Ms. Crosby has a Bachelor of Science in Mathematics from Tuskegee University and a Masters in Engineering from George Washington University. She has a career that is dedicated to every facet of the security system and software security lifecycle. She has worked for numerous government agencies in engineering as well as in the development of software assurance policies and guidelines. She has published several articles in the Institute of Electrical and Electronics Engineers (IEEE) flagship magazine COMPUTER as well as in Crosstalk, a defense software engineering journal. Over the course of her career, she has collaborated and worked with leaders in industry such HP Fortify, Boeing, and Verizon. With this experience, she was propelled into entrepreneurship where she expanded on her innovative and applied research approach to secure software and Internet of Things. Ms. Crosby and her staff at Tri-Guard Risk Solutions, Ltd. provide complete risk, security, and software assurance services.