View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
April 16, 2009

HP rolls out app testing security suite

Builds-in rich content safeguards

By CBR Staff Writer

Security software that will find and fix vulnerabilities in Web 2.0 applications is among an application testing suite just released by HP, something that can be deployed as a guard against latest threats that now are often embedded in rich content types, like Flash.

The offering is one of the elements of HP’s Application Security Center, the latest version of which includes WebInspect 8.0, built to analyse vulnerabilities in applications based on the Adobe Flash platform or dynamic JavaScript/Ajax applications.

Use of Web 2.0 and AJAX (Asynchronous JavaScript and XML) technologies make for a rich website experience but they also provide an as yet largely untapped resource for malware authors. 

Sites that allow people to upload content such as corporate blogs and other online community channels are particularly vulnerable because they allow hackers to inject dangerous web links and content in the form of comments.

The company claims that WebInspect identifies security vulnerabilities that are undetectable by traditional scanners and uses techniques like simultaneous crawl and audit, and concurrent application scanning to speed web services security testing.

Also part of the new suite is HP Assessment Management Platform 8.0 intended to help organisations accelerate the setting up a Center of Excellence for application security. 

Content from our partners
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer
Financial management can be onerous for CFOs, but new tech is helping lighten the load

“It is a way they can secure more applications with a small team of specialised application security experts,” the company said. “In addition, this model helps organisations find and fix security vulnerabilities earlier in the application design process which helps lower costs.”

The application security testing software can be licensed in the usual way or bought in as a service from HP, which also announced a on-demand version called Project Services for Application Security Center that is maintained and managed by the vendor in association with EDS.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU