May 27, 2008 - HP announced updates to its application security software and a new software as a service (SaaS) offering to help businesses minimize the risk of security breaches due to hacker attacks and safeguard against theft of sensitive customer information.


The new release of HP Application Security Center helps organizations discover, fix and prevent security vulnerabilities in their Web applications. New features in the software help bridge the gaps that exist among development, quality assurance, operations and security teams within an IT organization.


The lifecycle approach helps companies comply with government and industry regulations, such as the Federal Information Security Management Act, the Health Insurance Portability and Accountability Act, the Payment Card Industry Data Security Standard and the European Union Directive on Privacy and Electronic Communications.


HP Application Security Center includes HP Assessment Management Platform as the foundation of the solution, with HP DevInspect for developers, HP QAInspect for quality assurance teams and HP WebInspect for operations and security experts. This allows customers to successfully find, fix and prevent security vulnerabilities, according to HP.


Enhancements to HP Application Security Center are intended to increase efficiency for teams and help them integrate these security practices into their existing application lifecycle processes.


HP DevInspect provides improved hybrid analysis that combines static and dynamic analysis to help find the true vulnerabilities. Remediation efforts can then be focused on the highest risk security defects. Support is available for Microsoft Visual Studio 2008, Visual Studio 2005 and Eclipse.


HP QAInspect includes the security defect management capability integrated with HP Quality Center software. With defect staging and consolidation capabilities, application teams can filter, prioritize and assign defects based on risk to the business. This makes security defect information available to the whole application lifecycle team, including development, quality assurance, operations and security. Security problems are then detected and fixed.


HP WebInspect was enhanced with faster runtimes and improved scanning accuracy for the security vulnerabilities that hackers most frequently exploit, including cross-site scripting and SQL injection.


HP Assessment Management Platform, the foundation of HP Application Security Center, will be offered through HP SaaS. Customers can centralize all of their Web application security assessment programs into a complete solution maintained and managed by HP SaaS.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access