Automated Security Assessment of Custom and Commercial Applications
Current Scenario: The Internet is a powerful force for driving business activity and used as a medium for managing internal corporate data and operational activities. Businesses’ online presence center around using Web applications to store, transmit and manage information. Firewalls and associated security technologies were the first line of defense against information theft. Today, the security configuration of Web applications has become the first and last line of defense against malicious attacks and confidential data leaks. A recent study suggests in 2007 more than 70 million records will be exposed, unprotected or compromised via cyber-attack.
Tomorrow's Technology Today: Hailstorm Enterprise ARC addresses application security across the enterprise, and the only one to include patented fault injection technology. With its intelligent uber dashboard (rolling in data from all other key application security tools and manual pen testing), Cenzic Enterprise ARC gives companies the ability to automatically discover and inventory applications, providing a comprehensive view of security status with complete workflow from a central console. Cenzic Hailstorm Enterprise ARC enables companies to automatically identify all web applications within an environment via a web application discovery tool and provides a quantitative HARM™ (Hailstorm Application Risk Metric) measuring vulnerability levels of applications.
Hailstorm Enterprise ARC provides automated security assessment of custom and commercial web applications and works throughout the software development lifecycle to help remediate security vulnerabilities, guide enforcement of internal security policies and support regulatory compliance. With its dashboard views of applications, departments, business units, security and compliance, executives are armed with real-time status of the enterprise and the ability to launch and test any application. Key benefits include:
Intelligent dashboard provides key metrics
Uber dashboard for all other application security solutions
Shared database provides integrated reporting and maintains all summary and detail results (MySQL or Oracle)
Prioritize your vulnerabilities with the industry's first and only quantitative score called HARM™
Web server provides dashboard status of application security on a real-time, need-to-know basis
Job execution engine automatically discovers applications and performs ongoing assessments using SmartAttack™ library
Measurement of overall and individual application risk
Messaging for workflow support
Administrator control over user roles, tasks and privileges
Complete SmartAttack™ library and SmartAttack™ Modeler with rapid configuration and application-specific settings
Cenzic holds the one of the most important patents for web application security assessment using Fault Injection. The latest release includes integration of key vulnerability information from other sources, including competitors – no web application security software provides as thorough integration and coverage, with documented no false negatives reported.
Conclusion: Any organization transmitting data via the Internet is at risk and benefits from security-tested web applications - Hailstorm does so with patented fault injection technology. Additionally, Hailstorm checks for adherence to compliance mandates (corporate and governmental policies), providing the only integrated dashboard including data from other security solutions.
455 El Camino Real, Suite 100
Santa Clara, CA 95050