Home » Press Releases SPI Dynamics WebInspect 7 Sets ...

Press Releases by JavaScriptSearch

SPI Dynamics WebInspect 7 Sets Market Standard for Web Application Security Testing in Web 2.0 Era

April 24, 2007; 10:02 AM
 S.P.I. Dynamics, (www.spidynamics.com), the leading provider of web application security software and services, today announced WebInspect 7 at the Infosecurity Europe show being held in London. WebInspect 7 delivers faster scanning capabilities, broader assessment coverage and the industry's most accurate results. Powered by the new "Phoenix" architecture that uniquely addresses the requirements associated with complex Web 2.0 technologies, WebInspect 7 reveals previously undetectable vulnerabilities.

"Today's scanners must adapt to address Web 2.0 technologies," said Caleb Sima, CTO and founder, SPI Dynamics. "SPI Dynamics is the first application security software vendor to offer a new scanning architecture designed to handle this challenge. With WebInspect 7, customers can find vulnerabilities associated with new web technologies that other legacy scanners simply can't."

Today's web applications are complex and dynamic; combining client and server side processing with Web 2.0 technologies such as AJAX, SOAP, SOA and Flash. Traditional application scanners fail to discover security vulnerabilities exposed by use of these new technologies, resulting in high false negatives rates. The new web requires a fundamental revolution in assessment technology. WebInspect 7 tackles today's web application technologies with breakthrough testing innovations, including simultaneous crawl and audit (SCA) and concurrent application scanning, resulting in the industry's fastest and most accurate automated web application security testing tool.

"Application security is a key part of all our customers' enterprise security strategy, driven by compliance and a solid understanding of the threats inherent in web technologies. This particularly applies to new technologies such as web services, AJAX and framework-based deliveries," said James Spooner, LODOGA Security Limited. "After working with SPI Dynamics for over four years, we are continually impressed with the enterprise-friendly, competitive advantage their products, such as WebInspect, offer. Additionally, the service and community approach they provide customers is truly unmatched in the industry. We are excited to be able to offer this new version of WebInspect, another leading innovation from SPI Dynamics, to continue to ensure our customers receive the best and broadest web application security coverage."

"In order to find business logic web application security flaws, as opposed to technical vulnerabilities that can be covered by automation, manual tools and methodologies are required. WebInspect comes with a manual toolkit that enables us to complement our automated testing in order to manually identify business logic security flaws in applications," said Marcel Carlsson, Senior Information Security Consultant, Capita Security Consultancy. "The flexibility of both the manual testing capabilities and automated scanning within our overall application security testing program strengthens our risk management process and ensures that application security risks can be managed to an acceptable level throughout the full development lifecycle. It allows us to more effectively prioritise risks and focus on the most critical application security vulnerabilities."

Product highlights available with WebInspect 7 built on the Phoenix architecture:

    -- Faster Scans, More Accurate Results - SPI Dynamics' new patent-pending
       simultaneous crawl and audit (SCA) technology combines the application
       crawl and audit into a single fluid process. By conducting these
       activities in parallel instead of sequentially, scan times are reduced
       by 50 percent or more.
    -- Immediate Results - This new auditing approach provides results to the
       tester within seconds of starting an assessment and continues to
       report in real time throughout the scan.
    -- Broader Coverage, Reduced False Negatives - WebInspect 7 includes
       intelligent scanning engines capable of analysing complex Web 2.0
       technologies to provide broader testing coverage than possible with
       earlier legacy scanning architectures. WebInspect 7 exposes   
       application logic that was previously hidden, revealing security
       vulnerabilities undetectable through automated security testing.
    -- Simultaneous Scans - Users can now launch and manage multiple
       concurrent scans, greatly increasing testing throughput with
       WebInspect 7.
    -- Advanced Authentication Management - New automated mechanisms
       eliminate the complexities of authentication even with applications
       using advanced technologies such as two-factor authentication or  
       CAPTCHA.  WebInspect 7 can both authenticate with secure web
       applications and detect when re-authentication is required. This is
       essential to ensure complete coverage.
    -- Tabbed Interface - WebInspect 7's all new tabbed interface provides
       easy single-point access for multiple scans and reports.
    -- Integrated Support Channel - Users can easily submit false positives
       and other feedback directly to SPI Dynamics from within the product
       with just one click.
    -- Support for IPv6 - WebInspect 7 is ready for the future Internet with
       full support for IPv6.

WebInspect 7 built on the Phoenix architecture is available now. The Phoenix architecture will provide the foundation for SPI Dynamics' entire product line, enabling faster, more accurate scans and facilitating analysis of the new dynamic technologies typically associated with Web 2.0. The first SPI Dynamics' product to utilise the Phoenix architecture is WebInspect 7. For more information on WebInspect 7 and the new Phoenix architecture, please visit http://www.spidynamics.com.

About S.P.I. Dynamics, Inc.

SPI Dynamics' comprehensive suite of products and services identify and remediate web application and web services security vulnerabilities throughout the application development lifecycle. These award-winning solutions also enable security professionals, QA testers, and developers to work together to verify compliance with over 22 security policies such as SOX, HIPAA and PCI. SPI Dynamics has the most application security testing customers worldwide - over 1,000 clients among Global 2000 enterprises, including four out of five of the world's largest banks and nine out of ten of the largest banks in the U.S., four out of five of the largest software companies, three out of four of the largest aerospace and defense companies, the four largest accounting firms, the five largest telecommunications companies in the U.S., six out of eight of the largest technology hardware and equipment companies, two out of three of the largest healthcare companies, and over ninety U.S. Federal agencies. The Company is one of the fastest growing in the security industry, ranked 83rd on Deloitte and Touche's "Fast 500" list of growing technology companies nationwide and 220th on the Inc. 500. SPI Dynamics has strategic partnerships with Microsoft, IBM, HP and Visa. The Company's R&D team, SPI Labs, is widely recognised as a world leading authority on web application security and risk management. For more information, visit http://www.spidynamics.com or call +1-866-774-2700.

WebInspect is a trademark of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.



Related Resources

Other Resources