This week in London, during the InfoSecurity Europe conference, HP released an update to its WebInspect application security tool, designed to replicate real-world attacks and improve the testing phase of QA.
The update to WebInspect, which focuses on discovering security flaws during the application development lifecycle, includes a new Guided Scan that uses Adaptive Component Recognition to analyze complex applications and JavaScript.
“To effectively build safe and secure web applications, organizations need to be thinking about and testing for critical threats from the onset of development,” said Mike Armistead, vice president and general manager, Enterprise Security Products, Fortify, HP.
WebInspect can work with more than just JavaScript. The platform can also check for flaws in Ajax, Adobe Flash, and Web services (business logic flaws). Guided Scan leads security testers in adapting tests to specific scenarios in custom environments where test configuration is difficult to troubleshoot. This, HP explained, provides better handling of complex scenarios like detecting proxy misconfiguration or network authentication.
Related Resource: Are Your Applications Secure? Test Your Code For Free
WebInspect can work with various security management systems (via XML exports), as well as commonly used WAF appliances and TippingPoint’s IPS. Cost is $1,500 and is licensed per application, named user, or concurrent user. The latest features are available now. Additional specifications can be seen here.
In addition to enhancements to WebInspect, HP announced the expansion of the TippingPoint Next Gen. IPS, with new appliances designed to expedite detection, identification, and mitigation of network security threats.
The new HP S7500NX, HP S6200NX and HP S2600NX NGIPS appliances round out the HP NX family to cover data transfer speeds of 20Gbps, 10Gbps and 3Gbps respectively, and are expected later this year for worldwide release.
Related Resource: Are Your Applications Secure? Test Your Code For Free
Related Reading: The Unique Challenges of Controlling Java Exploits
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Sentra Raises $30 Million for DSPM Technology
- Cyber Insights 2023: Cyberinsurance
- Cyber Insights 2023: Attack Surface Management
- Cyber Insights 2023: Artificial Intelligence
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- Guardz Emerges From Stealth Mode With $10 Million in Funding
- How the Atomized Network Changed Enterprise Protection
- Critical QNAP Vulnerability Leads to Code Injection
