The security game has forever changed, today’s IT environments require way more than old-fashioned perimeter security.  I could spend the better part of a day making a list of ways of putting security together, so the list of tasks is not small.  Companies are definitely stepping up to these challenges- both those that products and customers are recognizing the critical shift necessary to make these requirements not only feasible, but focused on the most sophisticated of requirements as well.  One of the biggest targets in cybersecurity today lies in web applications. HP’s announcement of a newly released 10.0 version of WebInspect means clients can now apply security testing from early development to production and do so with ease. Adding this layer of testing across the application lifecycle means that an organization can go straight into a proactive monitoring stance. In today’s rapidly evolving and rapidly ever-threatened cybersecurity marketplace, it is incredibly enabling to be able to test applications on demand. Previously, such testing required not only planning, but specialized and knowledgeable personnel executing, tracking, and indeed testing applications for issues and security-related vulnerabilities. 

“To effectively build safe and secure web applications, organizations need to be thinking about and testing for critical threats from the onset of development,” said Mike Armistead, vice president and general manager, Enterprise Security Products, Fortify, HP. “HP WebInspect 10.0 empowers clients to become proactive in their security efforts, rather than reacting to attacks after they happen, by simulating attacks to identify vulnerabilities early on and preventing breaches long before they occur.”

It’s amazing to see the sheer volume of vulnerabilities that become public knowledge. They often attack the most common platforms such as Java and other code. It’s a constant cycle of publicized flaw release, then patching that is never-ending and tough to keep on top of. Here’s HP’s answer – WebInspect 10 can be deployed in a feature known as GuidedScan to constantly test a company’s web services and applications for a growing number of security flaws and critical threats. The real-time testing system is able to test applications that range from the very basic, JavaScript, to the most very complex applications out there.

HP WebInspect 10.0 includes the newGuided Scan, a unique interactive testing process based on a patent-pending Adaptive Component Recognition technique for analyzing modern complex web applications and JavaScript.Guided Scan leads novice users and professional security testers alike in adapting tests to specific scenarios in custom environmentswhere test configuration is difficult to troubleshoot. This provides better handling of complex scenarios like detecting proxy misconfiguration or network authentication.

Part of WebInspect’s testing is a replicated real-world attack, adding to the proactive features that the platform provides. The platform features a number of enterprise-friendly goodies like issue tracking and logging – extremely handy for analysis and reporting. It is also designed for functionality with HP’s TippingPoint Network Security Products to form the latest in proactive network, cloud, and application security stack. With this powerful line-up of features, HP delivers improved secure application development capabilities. Catching application flaws and weaknesses early in the development process means a new level of risk avoidance can now be implemented as never before, on an automated, enterprise-level basis.

Pricing and availability
HP WebInspect 10.0 starts at $1,500 and is licensed per application, named user or
concurrent user.  It is available through HP andHP channel partners.
More information about HP Enterprise Security products is available
at www.hpenterprisesecurity.com/.
HP’s premier Americas client event, HP Discover, takes place June 11-13 in Las Vegas.