Updated security checks have been added to the management platform for rich Internet applications, such as vulnerabilities in Apache and MySpace plug-ins.
DevInspect will now combine both static and dynamic analysis to ensure the highest risk security vulnerabilities are fixed first by developers.
Static analysis, which scrutinises the source code developers write, will be updated with options to test code, such as Ajax, as well as advanced JavaScript. These capabilities will be added to firms’ current ability to test dynamically, which Dennis Hurst, Application Security Center developer, described as “testing a web application the same way a hacker will attack it”.
QAInspect now includes an integrated security defect management capability with the Quality Center software. “The integration, which has been underway for the last four years, is now seamless,” said Hurst.
“This means instead of quality assurance teams testing a website manually and then pasting the security defects in a Quality Center, it is all done automatically,” he added. The updates are aimed at allowing security problems to be fixed faster and to save assurance teams time.
WebInspect has also been enhanced with faster runtimes and improved scanning accuracy. Hurst estimated the increased speed should save security experts around 25 percent of their time in finding and fixing security defects.
.png&h=140&w=231&c=1&s=0)
_(5).jpg&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
