Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Cigital Launches New Cloud-based Application Security Testing Solutions

Cigital, a provider of software security services and solutions, has launched new cloud-based Static and Dynamic Application Security Testing solutions to its lineup.

Cigital, a provider of software security services and solutions, has launched new cloud-based Static and Dynamic Application Security Testing solutions to its lineup.

According to the company, the new offerings find and fix vulnerabilities within source code and web applications through an automated assessment process that can be customized to individual business needs.

“The on-demand scanning and testing service provides organizations with a scalable way to evaluate software security threats and application vulnerabilities — as well as the actionable guidance needed to address the vulnerability findings,” the company said in a statement.

Cigital LogoAccording to Cigital, more than 80% of the assessments they have completed reveal critical defects in software source code or web applications.

“Internal security teams struggle to assess the hundreds or even thousands of Internet-facing applications in their organizations’ portfolio. Biannual releases create large spikes in assessment load, making staff management and timely reporting challenging,” said John Steven, internal CTO at Cigital.

“Cigital’s Cloud Services for Static and Dynamic Application Security Testing offer an external option that is scalable, flexible, and cost-effective. Clients can prioritize applications by criticality and risk, and invest resources more efficiently to ensure all the organization’s applications remain secure.”

Cigital’s Cloud Services for Static and Dynamic Application Security Testing blends tool-assisted scans with targeted manual testing for vulnerabilities that cannot be detected through automated scans and focuses on the critical issues that pose the biggest risk.

Cigital’s cloud-based security testing Cloud Services for Static and Dynamic Application Security Testing includes the following features:  

• Multiple Security Testing Options: Four different levels of source code review and application testing depending on the risk profile and business criticality of the software. Security tests can be conducted monthly, quarterly, or annually to align with software release cycles and help maintain a proactive security posture.

Advertisement. Scroll to continue reading.

• Minimal False Positives: Hybrid approach combining automated testing with manual validation minimizes false positives and inaccurate findings.

• Business Logic Security Testing: Automated web application security testing is combined with manual testing to detect business logic flaws that are often missed by tools.

• On-Demand Security Test Scheduling and Management: Customizable portal allows for quick, flexible testing. The portal also includes dashboard reports for full visibility into scheduled and completed tests, and insight into vulnerability details and trends.

Cigital’s Cloud Services for Static and Dynamic Application Security Testing is available immediately.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.