August 2, 2007; 03:32 AM
S.P.I. Dynamics, Inc. (http://www.spidynamics.com/), the leading provider of web application security testing software, today announced two new versions of its software -- WebInspect(TM) 7.5 and Assessment Management Platform(R) (AMP) 3.5 -- continuing to provide organizations with software to help address their web application security vulnerabilities throughout the lifecycle and across their enterprise. The company also announced two speaking sessions to be held during Black Hat by its leading researchers and a new book written by its principal security evangelist.
"For over seven years, SPI Dynamics led the industry in providing customers with cutting-edge enterprise web application security software solutions that address security at critical stages of the development lifecycle. We've been steadfast in our commitment to assist organizations in building successful secure development processes to achieve secure software goals," said Brian Cohen, president and CEO, SPI Dynamics.
SPI Dynamics Releases WebInspect 7.5 and AMP 3.5
WebInspect 7.5 builds on the re-architecture of the product that was announced in January. WebInspect is the first and only web application security assessment tool to be re-architected to thoroughly analyze today's complex web applications built on emerging Web 2.0 technologies such as Ajax, SOAP, SOA and Flash. The new architecture delivers faster scanning capabilities, broader assessment coverage, and the most accurate results of any web application scanner available.
WebInspect 7.5's new features help users improve accuracy and speed in their application audits. As web applications become increasingly complex, it becomes more difficult to conduct an accurate and comprehensive audit. WebInspect is specifically designed to test the emerging complexities in Web 2.0 applications, and now that more Web 2.0 applications are available for assessment, WebInspect can actually identify patterns in these applications that enable more accurate and easier scans.
In addition, WebInspect 7.5 is integrated with the latest version of SPI Dynamics' AMP, version 3.5, also announced today. AMP 3.5 connects all SPI Dynamics' lifecycle products - including WebInspect for security professionals, QAInspect(R) for quality assurance testers and DevInspect(R) for developers - for a complete view of the security posture of applications as they are being developed throughout the software development lifecycle. AMP delivers a distributed, scalable, platform used by information security professionals, CISOs, CIOs, line-of-business managers, compliance officers, developers, and QA professionals to assess and manage application security risk. AMP provides a web-based interface for multi-user lifecycle collaboration and control of application security risk throughout the enterprise in a consolidated global view.
New Features in WebInspect 7.5
-- Scan Profiler: Web applications are advanced and complex. In order for
users to configure scans properly, they have to know enough about web
application testing to configure their settings correctly. WebInspect's
new scan profiler analyzes the application before the user initiates
the scan and suggests the scan configuration settings that will
optimize the effectiveness and accuracy of the scan. The scan profiler
helps ensure comprehensive coverage as well as the most accurate and
fast audit possible for the target application.
-- Improved Ajax Auditing: Ajax applications can create several
opportunities for possible attack if the application is not designed
with security in mind. Since there are no Ajax standards and usage
patterns are still emerging, SPI Dynamics' SPI Labs R&D team continues
to work closely with customers and prospects to understand their Ajax
applications and ensure that SPI Dynamics continues to lead the market
with support of unique Ajax security approaches. In this release, SPI
Dynamics has identified emerging patterns and enhanced WebInspect's
Ajax assessment technology to more effectively audit Ajax applications.
Every release of WebInspect improves SPI Dynamics' approach to
assessing Ajax applications and adds new support for new frameworks and
Ajax implementations.
-- Traffic Monitor: WebInspect's new traffic monitor allows users to
choose to monitor HTTP traffic in real-time during a scan. The results
window displays every request and response sent by WebInspect in real-
time during the crawl and audit. This is useful for advanced users who
want to study the current activity of the scan.
-- Vista Support: WebInspect now includes improved support for Microsoft
Windows Vista.
Showcased Expertise at Black Hat USA 2007
Bryan Sullivan, Senior Security Researcher for SPI Dynamics' SPI Labs and Ajax expert, will present alongside the Lead SPI Labs Security Researcher and Ajax expert, Billy Hoffman, on Ajax security. The talk is titled, "Premature Ajax-ulation" and is scheduled during the Black Hat conference Wednesday, August 1st from 3:15 p.m. to 4:30 p.m. PT. Messrs. Sullivan and Hoffman will also debut a portion of their soon-to-be-released book titled Ajax Security, published by Addison-Wesley Professional, during Black Hat that will be available to conference attendees in the SPI Dynamics booth (#9).
Mr. Hoffman will present another talk alongside John Terrill, Executive Vice President and Co-founder of Enterprise Management Technology LLC, at the conference focused on the latest in web application hybrid worms. The talk, titled "The Little Hybrid Web Worm that Could," is scheduled for Thursday, August 2nd from 11:15 a.m. to 12:30 p.m. PT.
In addition, SPI Dynamics' Security Evangelist, Michael Sutton, will participate in a book signing at Black Hat for the new release of his book, titled Fuzzing: Brute Force Vulnerability Discovery, published by Addison- Wesley Professional and co-authored by Pedram Amini and Adam Greene. The signing will take place on Wednesday, August 1st from 3:00 p.m. to 3:15 p.m. PT. For more information on Fuzzing: Brute Force Vulnerability Discovery, please visit http://www.awprofessional.com/bookstore/product.asp?isbn=0321446119&rl=1.
In June 2007, HP announced a definite agreement to acquire SPI Dynamics. Subject to certain closing conditions, the acquisition is expected to close in the third quarter of calendar year 2007. For more information on HP's acquisition of SPI Dynamics, please visit: http://www.hp.com/hpinfo/newsroom/press/2007/070619xb.html?jumpid=reg_R1002_US EN.
For more information on SPI Dynamics, please visit http://www.spidynamics.com/.
About S.P.I. Dynamics, Inc.
SPI Dynamics' comprehensive suite of products and services identify and remediate web application and web services security vulnerabilities throughout the application development lifecycle. These award-winning solutions also enable security professionals, QA testers, and developers to work together to verify compliance with 22 security policies such as SOX, HIPAA and PCI. SPI Dynamics has the most application security testing customers worldwide - over 1,000 clients among Global 2000 enterprises, including four out of five of the world's largest banks and nine out of 10 of the largest banks in the U.S., four out of five of the largest software companies, three out of four of the largest aerospace and defense companies, the four largest accounting firms, the five largest telecommunications companies in the U.S., six out of eight of the largest technology hardware and equipment companies, two out of three of the largest healthcare companies, and over 90 U.S. Federal agencies. The Company is one of the fastest growing in the security industry, ranked 83rd on Deloitte's "Fast 500" list of growing technology companies nationwide and 220th on the Inc. 500. SPI Dynamics has strategic partnerships with Microsoft, IBM, HP and Visa. The Company's R&D team, SPI Labs, is widely recognized as one of the leading authorities on web application security and risk management. For more information, visit http://www.spidynamics.com/ or call (866) 774- 2700.
WebInspect is a trademark, and Assessment Management Platform, QAInspect and DevInspect are registered trademarks of S.P.I. Dynamics, Inc. Product or service names mentioned herein are the trademarks of their respective owners.
|
PRESS BY MONTH
EDITOR'S DESK
SUBMIT PRESS
