Annandale, VA – May 20, 2025 – QSMI, a leader in developing financial software systems and related services to clients in DoD and the IC, today announced the addition of a cutting-edge Dynamic Application Security Testing (DAST) scanning suite to its corporate technology lab. This key integration of an “on prem” DevSecOps platform bolsters the company’s commitment to building secure and resilient mission-ready software systems for our clients.
The new DAST suite has been integrated into our development, test and preproduction environments to complement QSMI’s existing software and systems security measures, which include static analysis (SAST) and open-source security within their Unified DevSecOps Platform powered by AI. By simulating real-world attacks against running applications, the new capability will identify vulnerabilities that may not be apparent through static code analysis alone. This includes issues such as cross-site scripting (XSS), command injection, SQL injection, and broken authentication.
“High quality standards and an effective cybersecurity posture is key to the overall success of our business,” says Sara Weniger, CEO. “Weaving DevSecOps into our development lifecycle provides a crucial layer of defense, allowing our teams to proactively identify and remediate vulnerabilities before they can be exploited. This further strengthens our ability to deliver secure and high-quality software and solutions to our clients.”
The implementation of our new DAST platform underscores QSMI’s proactive approach to security, embedding it throughout the full software development lifecycle (SDLC) of our products and solutions. Our mature, quality-focused systems development philosophy ensures that security is not an afterthought but an integral part of building and deploying enterprise grade software.
Key benefits of our new DAST suite include:
- Enhanced Vulnerability Detection: Identifying runtime security vulnerabilities that static analysis might miss.
- Improved Application Resilience: Hardening applications against real-world attack scenarios.
- Faster Remediation: Providing our development teams with actionable insights to quickly address identified vulnerabilities.
- Reinforced Commitment to Security: Demonstrating our ongoing dedication to protecting our software product and our clients.
- Compliance with DISA Application Security and Development STIG requirements.
This investment in security is fundamental to QSMI’s commitment to software product quality and IT security in the present age of increased risk to security.
About QSMI:
With over 25 years of government experience, QSMI delivers a wide range of professional services across Federal agencies. Our expertise spans intelligence and security, budget and finance, management consulting, and information technology. We operate from our Headquarters facility—which houses highly educated and qualified technical personnel—and maintain a flexible, scalable, and secure contractor-site R&D Software Development Lab dedicated to innovation in government solutions.
QSMI is committed to driving operational excellence and transforming service delivery through innovation, cutting-edge technology and strategic partnerships. For more information, please visit https://www.qsmi.com
Communications & Media Contact
Carrington Thomson, (703) 658-9700