Addressing application security across the enterprise
WHAT IS THIS TECHNOLOGY?
The Internet is a powerful force for driving business activity and used as a medium for managing internal corporate data and operational activities. Businesses’ online presence center around using Web applications to store, transmit and manage information. Firewalls and associated security technologies were the first line of defense against information theft. Today, the security configuration of Web applications has become the first and last line of defense against malicious attacks and confidential data leaks. A recent study suggests in 2007 more than 70 million records will be exposed, unprotected or compromised via cyber-attack. CLICK HERE
Hailstorm Enterprise ARC addresses application security across the enterprise, and the only one to include patented fault injection technology that also leverages virtualization to provide continuous web application security throughout the application lifecycle. With its intelligent dashboard (rolling in data from all other key application security tools and manual pen testing), Cenzic Hailstorm Enterprise ARC gives companies the ability to automatically discover and inventory applications, viewing comprehensive security status with complete workflow from a central console. Hailstorm Enterprise ARC enables companies to automatically identify all web applications within an environment via web application discovery tool and provides quantitative HARM™ (Hailstorm Application Risk Metric) scores pinpointing vulnerability levels of applications.
Hailstorm Enterprise ARC provides automated security assessment of custom and commercial web applications and works throughout the software development lifecycle to help remediate security vulnerabilities, guide enforcement of internal security policies and support regulatory compliance. With its dashboard views of applications, departments, business units, security and compliance, executives are armed with real-time status of the enterprise and the ability to launch and test any application. Key benefits include:
Intelligent dashboard provides key metrics
Uber dashboard for all other application security solutions
Shared database provides integrated reporting and maintains all summary and detail results (MySQL or Oracle)
Prioritize your vulnerabilities with the industry's first and only quantitative score called HARM™
Web server provides dashboard status of application security on a real-time, need-to-know basis
Job execution engine automatically discovers applications and performs ongoing assessments using SmartAttack™ library
Measurement of overall and individual application risk
Messaging for workflow support
Administrator control over user roles, tasks and privileges
Complete SmartAttack™ library and SmartAttack™ Modeler with rapid configuration and application-specific settings
Cenzic holds the one of the most important patents for web application security assessment using Fault Injection. The latest release includes integration of key vulnerability information from other sources, including competitors – no web application security software provides as thorough integration and coverage, with documented no false negatives reported.
Furthermore, only Cenzic solutions can test for vulnerabilities across all types of applications and Web infrastructures. Cenzic’s Hailstorm is also the only solution in the industry that provides a complete risk management approach by discovering all the applications automatically and providing automated assessments from a dynamic and intelligent dashboard. Cenzic’s recent innovative product release that integrated with VMware now enables customers to test their production applications through virtualization. Production applications are tested n a secure, virtual environment – leaving the live application intact until the vulnerabilities are located and secured. This innovative approach makes Cenzic the only Web application security provider utilizing the powerful tools of virtualization to secure applications through all phases of the software development lifecycle.
In addition, Cenzic’s solutions integrate with other leading products in the software development lifecycle such as HP Mercury, Borland Gauntlet, Bugzilla, and others.
Conclusion: Organizations transmitting data via the Internet is at risk and benefits from security-tested web applications - Hailstorm does so with patented fault injection technology while providing lifecycle application security through testing within virtualized environments. Additionally, Hailstorm supports compliance mandate adherence, providing the only integrated dashboard including data from other security solutions.
455 El Camino Real, Suite 100
Santa Clara, CA 95050