IG, one of world’s greatest web portals edited in the Portuguese language, has adopted N-Stalker’s technology to manage and control the production environment of more than 100 internal sites. A subsidiary of OI, the largest Brazilian telecommunications company, IG has invested in the implementation of a project which manages and protects all web applications.

To accomplish such huge task iG has hired the Rede Segura system provided by the Brazilian company Rede Segura Tecnologia. The tool to be used is based on the N-Stalker Web Application Security Scanner software, created by the Brazilian software engineer Thiago Zaninotti and currently adopted by corporations and governmental entities in more than 40 countries, throughout the world. The solution monitors the whole development cycle until its implementation, by sweeping programs to correct possible flaws.

According to Andre Galvani, iG’s IT Technology Director, the portal has adopted such technology to enhance the security of its web applications, which are created and released by means of various services offered to iG users, from hosting, e-mail and back up to games and entertainment pages.

In operation since January/2000, iG Portal counts with a base of more than 8 million users of several age spans and educational levels, what results in a range of different uses of the offered services. Among these, the most used is the e-mail service but portal also operates as Internet Service Provider (ISP), what, according to Galvani, explains the offer of so many services and the consequent need to keep high security levels.

Galvani also observed that the main gains achieved with the adoption of the new tool were the inprovement in the quality of the delivery of applications and integration of the security, development and infrastructure areas. This work, according to him, has reduced the number of incidents, reinforced internal processes and improving IT security management routines.

”Security is not just a simple issue to be dealt with and it is not solved only with investments in technology, network equipment and servers. It is imperative to think protection as a preventive, integrative and dynamic process requiring ongoing update routines”, he commented.