Builds-in rich content safeguards
Security software that will find and fix vulnerabilities in Web 2.0 applications is among an application testing suite just released by HP, something that can be deployed as a guard against latest threats that now are often embedded in rich content types, like Flash.
Sites that allow people to upload content such as corporate blogs and other online community channels are particularly vulnerable because they allow hackers to inject dangerous web links and content in the form of comments.
The company claims that WebInspect identifies security vulnerabilities that are undetectable by traditional scanners and uses techniques like simultaneous crawl and audit, and concurrent application scanning to speed web services security testing.
Also part of the new suite is HP Assessment Management Platform 8.0 intended to help organisations accelerate the setting up a Center of Excellence for application security.
“It is a way they can secure more applications with a small team of specialised application security experts,” the company said. “In addition, this model helps organisations find and fix security vulnerabilities earlier in the application design process which helps lower costs.”
The application security testing software can be licensed in the usual way or bought in as a service from HP, which also announced a on-demand version called Project Services for Application Security Center that is maintained and managed by the vendor in association with EDS.