Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Cigital Launches New Cloud-based Application Security Testing Solutions

Cigital, a provider of software security services and solutions, has launched new cloud-based Static and Dynamic Application Security Testing solutions to its lineup.

Cigital, a provider of software security services and solutions, has launched new cloud-based Static and Dynamic Application Security Testing solutions to its lineup.

According to the company, the new offerings find and fix vulnerabilities within source code and web applications through an automated assessment process that can be customized to individual business needs.

“The on-demand scanning and testing service provides organizations with a scalable way to evaluate software security threats and application vulnerabilities — as well as the actionable guidance needed to address the vulnerability findings,” the company said in a statement.

Cigital LogoAccording to Cigital, more than 80% of the assessments they have completed reveal critical defects in software source code or web applications.

“Internal security teams struggle to assess the hundreds or even thousands of Internet-facing applications in their organizations’ portfolio. Biannual releases create large spikes in assessment load, making staff management and timely reporting challenging,” said John Steven, internal CTO at Cigital.

“Cigital’s Cloud Services for Static and Dynamic Application Security Testing offer an external option that is scalable, flexible, and cost-effective. Clients can prioritize applications by criticality and risk, and invest resources more efficiently to ensure all the organization’s applications remain secure.”

Cigital’s Cloud Services for Static and Dynamic Application Security Testing blends tool-assisted scans with targeted manual testing for vulnerabilities that cannot be detected through automated scans and focuses on the critical issues that pose the biggest risk.

Cigital’s cloud-based security testing Cloud Services for Static and Dynamic Application Security Testing includes the following features:  

• Multiple Security Testing Options: Four different levels of source code review and application testing depending on the risk profile and business criticality of the software. Security tests can be conducted monthly, quarterly, or annually to align with software release cycles and help maintain a proactive security posture.

• Minimal False Positives: Hybrid approach combining automated testing with manual validation minimizes false positives and inaccurate findings.

• Business Logic Security Testing: Automated web application security testing is combined with manual testing to detect business logic flaws that are often missed by tools.

• On-Demand Security Test Scheduling and Management: Customizable portal allows for quick, flexible testing. The portal also includes dashboard reports for full visibility into scheduled and completed tests, and insight into vulnerability details and trends.

Cigital’s Cloud Services for Static and Dynamic Application Security Testing is available immediately.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.