Home » News » SPI Dynamics Unveils Phoenix, ...

News by JavaScriptSearch

SPI Dynamics Unveils Phoenix, the Industry's First and Only Web Application Security Assessment Architecture Built to Test Web 2.0


Monday, January 29, 2007; 08:26 AM

S.P.I. Dynamics, Inc. (www.spidynamics.com), the leading provider of web application security software and services, announced today the company's Phoenix architecture - the first and only technology able to analyze complex Web 2.0 applications to reveal previously undetectable vulnerabilities.

Today's web applications are complex and dynamic; combining client and server side processing with Web 2.0 technologies such as AJAX, SOAP, SOA and Flash. Traditional application scanners fail to discover security vulnerabilities exposed by use of these new technologies, resulting in high false negatives rates. The new web requires a fundamental revolution in assessment technology.

"Anyone developing web applications today should incorporate new Web 2.0 technologies to improve user experience and satisfy customer requirements," said Caleb Sima, co-founder and CTO, SPI Dynamics. "But implementation of these new technologies is a double-edged sword, creating enormous new attack surfaces that leave web applications more exposed than ever before. Leveraging our Phoenix architecture, SPI Dynamics is the first company to provide an automated web application security tool that can discover vulnerabilities in today's web applications. We are pleased to provide another leading innovation from SPI Dynamics to continue to ensure our customers receive the best and broadest web application security coverage."

The Phoenix architecture will provide the foundation for SPI Dynamics' entire product line, enabling faster, more accurate scans and facilitating analysis of the new dynamic technologies typically associated with Web 2.0. The first SPI Dynamics' product to utilize the Phoenix architecture is WebInspect(TM) 7, announced today (http://www.spidynamics.com/news/pr/pr12907b.html).

    The new Phoenix architecture enables:

     - Faster Scans, More Accurate Results - SPI Dynamics' new patent-pending
       simultaneous crawl and audit (SCA) technology combines the application
       crawl and audit into a single fluid process. By conducting these
       activities in parallel instead of sequentially, scan times are reduced
       by 50 percent or more.
     - Immediate Results - This new auditing approach provides results to the
       tester within seconds of starting an assessment and continues to report
       in real time throughout the scan.
     - Broader Coverage, Reduced False Negatives - WebInspect 7 includes
       intelligent scanning engines capable of analyzing complex Web 2.0
       technologies to provide broader testing coverage than possible with
       earlier legacy scanning architectures. WebInspect 7 exposes application
       logic that was previously hidden, revealing security vulnerabilities
       undetectable through automated security testing.
     - Simultaneous Scans - Users can now launch and manage multiple
       concurrent scans, greatly increasing testing throughput with WebInspect
     - Advanced Authentication Management - New automated mechanisms eliminate
       the complexities of authentication even with applications using
       advanced technologies such as two-factor authentication or CAPTCHA.
       WebInspect 7 can both authenticate with secure web applications and
       detect when re-authentication is required. This is essential to ensure
       complete coverage.
     - Support for IPv6 - WebInspect 7 is ready for the future Internet with
       full support for IPv6.

For more information on the new Phoenix architecture and WebInspect 7 available February 14, 2007, please visit www.spidynamics.com.

About S.P.I. Dynamics, Inc.

SPI Dynamics delivers a comprehensive suite of products and services (http://www.spidynamics.com/products/index.html) that help to identify and remediate web application and web services security vulnerabilities found at key stages throughout the web Application Lifecycle. SPI Dynamics solutions enable security professionals, QA testers, and developers to work together to assess, analyze, and remediate web applications and web services for security vulnerabilities, and verify compliance with over 20 security policies like SOX, HIPAA and PCI. The Company's unique approach, utilizing patent-pending Intelligent Engines(TM) technology combined with the largest web application security vulnerability knowledgebase in the industry, delivers unparalleled speed and accuracy. SPI Dynamics' research and development team, SPI Labs, is widely recognized as one of the world's leading authorities on web application security and risk management. The Company counts over 950 customers among Global 2000 enterprises, including over 90 U.S. Federal accounts. SPI Dynamics' strategic partners include Microsoft, IBM, Hewlett-Packard, CSC and Visa. SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information, visit www.spidynamics.com or call (866) 774-2700.

WebInspect and Intelligent Engines are trademarks of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.



Related Resources

Other Resources