The platform aggregates web application security data across an organisation. It combines HP's DevInspect software for developers, QAInspect software for quality assurance professionals and WebInspect software for security professionals.
Updated security checks have been added to the management platform for rich Internet applications, such as vulnerabilities in Apache and MySpace plug-ins.
DevInspect will now combine both static and dynamic analysis to ensure the highest risk security vulnerabilities are fixed first by developers.
QAInspect now includes an integrated security defect management capability with the Quality Center software. “The integration, which has been underway for the last four years, is now seamless,” said Hurst.
“This means instead of quality assurance teams testing a website manually and then pasting the security defects in a Quality Center, it is all done automatically,” he added. The updates are aimed at allowing security problems to be fixed faster and to save assurance teams time.
WebInspect has also been enhanced with faster runtimes and improved scanning accuracy. Hurst estimated the increased speed should save security experts around 25 percent of their time in finding and fixing security defects.
HP offers security as a service
By Rosalie Marshall on May 29, 2008 2:42PM