HP updates its Application Security Center
May 29, 2008 —
Hewlett-Packard’s acquisition last year of application security specialists SPI Dynamics is bearing new fruit, as well as a new service-based offering that will debut this summer.
The company announced on Tuesday three major updates to the HP Application Security Center, based on SPI’s former product line. They are designed to help organizations prevent, detect and repair security vulnerabilities of their Web applications. All are available now, and the product of work at what was formerly SPI Labs, now the HP Security Labs, in Alpharetta, Ga.
The idea, noted company officials, is to help developers assume their fair share of the responsibility. One study released in May from marketing researchers Vanson Bourne indicates that as many as 80% of organizations task security and operations teams with remediation of application vulnerabilities; less than 27% saddle development or QA teams with any portion of the work.
The Assessment Management Platform remains the foundation of the HP security center in this release, with DevInspect picking up the ability to work with Microsoft’s latest IDE release and Visual Studio 2008. It also allows updated hybrid analysis that the company claims leads to a “clear path” for developers rooting out faults by focusing on highest-risk, most common scenarios.
QAInspect integrates its defect management features, including defect staging, highlighting and consolidation, with the tools of HP Quality Center. Meanwhile, WebInspect now offers faster runtimes, according to company officials, who added that the focus here is also on the most frequently used attack vectors, including cross-site scripting and SQL injection.
HP, recognizing that some organizations might not wish to maintain all of the technology of a complex vulnerability detection platform, also announced on Tuesday that it expected to make the Assessment Management Platform available through its HP SaaS services organization in August. “Now customers can get up and running quickly and involve all the right teams to minimize this risk,” said HP Software’s vice president of products, Jonathan Rende, in the company’s announcement.
Related Search Term(s): Security, SOA & SaaS, testing & troubleshooting, HP, Microsoft