Press Releases
Home
Solutions
Demos
Partners
Inside Sanctum
Web Perversion
Customers
News & Events
  - Press Releases
    - Archives - 2002
    - Archives - 2001
  - Featured Coverage
  - Events
  - Security Advisories
  - Security News
Support & Training
Contact Us
Gov't Legislation
and Compliance
Enterprise Application Testers Use AppScan 3.5 to Fix Security Vulnerabilities Early in Application Lifecycle
 
Leading Web Security Testing Tool Integrates Seamlessly into Any Application Testing Environment

Santa Clara, Calif. — September 30, 2002 - Sanctum, Inc., the established leader in Web application security software, today announced the availability of AppScan 3.5™, the leading Web security testing tool now optimized for the enterprise application testing environment. With the introduction of AppScan 3.5, Sanctum extends its proven Web security vulnerability assessment solution that has been part of the auditor's toolkit for years to the application quality assurance (QA) testers. AppScan 3.5's 'Site Smart' technology learns the unique behavior of each Web application, and builds a customized vulnerability assessment scan to drive precision testing throughout the application lifecycle. Addressing the widest range of Web application vulnerabilities, AppScan 3.5 tests both customer and third party applications for application specific vulnerabilities (ASVs), common Web vulnerabilities (CWVs) and .Net framework vulnerabilities.

A study by IBM's System Sciences Institute found that the relative cost of fixing defects after deployment is almost seven times greater than detecting flaws and eliminating them during testing. Web applications-the target of 80 percent of all hacks according to Gartner-continue to expose the most costly and serious security defects. As the market demand for high quality applications increases, security is quickly becoming a vital parameter in the QA testing process. By reducing Web application security defects before they get to production, AppScan 3.5 allows companies to reduce the overall number of development cycles, deploy secure applications faster, and improve the utilization of QA and development resources to deliver an unparalleled ROI.

"Cyber-threats at the application level continue to increase," said John Pescatore, vice president for Internet Security at Gartner. "With the increased focus on critical infrastructure protection, integrating automated security testing tools into the application development and testing process needs to become standard practice for all enterprises with Internet exposure."

AppScan 3.5 brings the combination of speed, accuracy, flexibility and efficiency to application development, QA testing and audit functions. As a standalone application running on Microsoft Windows 2000, AppScan learns the unique business logic of the application on the fly and creates a dynamic scan to obtain the most comprehensive Web application vulnerability assessment. Exploring the site like a hacker would, AppScan tests for application specific vulnerabilities such as SQL injection, cross-site scripting and parameter tampering; common Web vulnerabilities for third party applications; and .Net framework vulnerabilities. Once the assessment is complete, AppScan provides customized, detailed reports that include actionable recommendations for how to fix known and unknown vulnerabilities. The result is the most accurate Web security testing tool in the market today.

The key new features of AppScan 3.5 include:

  • Precision Testing—Automatically learns the application's structure and business logic on the fly; intelligently detects both CWVs and ASVs with less than one percent false positives/negatives.

  • Business Process Record and Play—Records business processes for regression testing and stores the information as XML for easy modification.

  • JavaScript Explore—Provides the unique functionality of exploring JavaScript, identifying potentially dangerous content and testing the embedded links.

  • Scan Scheduling—Allows user to schedule one-time, regular and concurrent tests by triggering scans to run at optimal times of the day or week.

  • Web Services Support—Explores application vulnerabilities found in .NET services, including new types of XML-related vulnerabilities, cross-site scripting and advanced SQL injection attacks.

  • Detailed and Customized Reporting—Provides actionable results for each vulnerability and allows easy report customization for specific target audiences, including developers and executives.

"With the introduction of AppScan 3.5, application developers and QA testers no longer have to choose between on-time application delivery and complete application security," said Gili Raanan, senior vice president of products at Sanctum, Inc. "Sanctum's AppScan 3.5 integrates seamlessly into any application testing environment, while delivering the highest level of accuracy and efficiency in assessing Web application-specific vulnerabilities. Built on proven performance for auditors, AppScan 3.5 drives Web security at every stage of the application lifecycle to produce the highest quality Web applications."

Availability
AppScan 3.5 is available immediately.

Webinar Event
For additional information on security within enterprise application testing, join Sanctum CTO Steve Orrin today-September 30, at 2:00 p.m. EDT-for the "Rush To Release-Deploying Secure Applications" Webcast. To register, visit http://searchSecurity.com/r/0,,6022,00.htm.

About Sanctum, Inc. (www.SanctumInc.com)
Founded in 1997 and headquartered in Santa Clara, Calif., Sanctum, Inc. is the recognized leader for Web application security solutions. Sanctum software solutions provide automatic enforcement of intended business processes, ensuring the protection of core information and data. By detecting and defending against any unauthorized behavior, Sanctum protects customers against malicious cybercriminal activity—from theft of intellectual property and customer data, to e-commerce fraud and Web site defacement—even if a site has unknown security holes or flaws. Sanctum's solutions complete a company's security infrastructure, assure regulatory compliance and create sustainable ROI. Sanctum's customers include industry leaders in finance, retailing, healthcare, government and telecommunications. Privately held, Sanctum is funded by blue-chip venture capital firms and industry leaders including Sprout Group, Dell, Gemini Israel Funds, Fidelity Ventures, Wachovia Strategic Ventures Group, Mofet Israel Technology Fund and Walden Israel. For more information, visit www.SanctumInc.com or contact the Company directly at (408) 352-2000.

 #  #  #

AppScan and AppShield are trademarks of Sanctum, Inc. All other product names referenced are the property of their respective owners and are hereby acknowledged.

For Immediate Release
Contact:

Diane Fraiman
Sanctum, Inc.
(408) 352-2000
[email protected]

Annie Kim or Tara Dugan
Schwartz Communications, Inc.
(415) 512-0770
[email protected]

 © 2004 Sanctum, Inc.    Privacy Statement  |   Legal Disclaimer
  1. https://www.gustudentassociation.org/
  2. https://kimmerestaurant.com/
  3. https://www.nyonyafood.com/
  4. https://www.perfectotech.com/
  5. https://www.planetgapyear.com/
  6. https://whatcomvet.com/
  7. https://theclassicyachtexperience.com/
  8. https://www.batonrougerosesociety.org/
  9. https://www.finburysullivan.com/
  10. https://mikrofinanzinstitut.com/
  11. https://oakgroveplantationsc.com/
  12. https://www.the-vision-of-harmony.org/
  13. https://www.pantheonpress.com/
  14. https://thefinancialgraduate.com/
  15. https://www.thenutkitchen.com/
  16. https://altiboutique.com/
  17. https://ambushsweden.com/
  18. https://goingonforgod.com/
  19. https://lasdopestattorney.com/
  20. https://www.sewardne.com/
  21. https://www.tehranfestival.com/
  22. https://www.bistrotmarin.com/
  23. https://brysonchristianmontessorischool.com/
  24. https://www.excalibureurope.com/
  25. https://www.tropicaltopless.com/
  26. https://www.originallotsoflox.com/
  27. https://www.wavespace-berlin.com/
  28. https://www.nicolasboutruche.com/
  29. https://www.michiganmediates.org/
  30. https://www.victoria-abbott.com/
  31. https://www.yourmyrtlebeachproperty.com/
  32. https://metrcconference.com/
  33. https://biotechscope.com/
  34. https://jzbrasil.com/
  35. https://kingswoodacquisition.com/
  36. https://www.mobilegourmetkitchen.com/
  37. https://saafootball.org/
  38. https://griefergames.info/
  39. https://ampalauragarcianoblejas.com/
  40. sbobet
  41. judi parlay
  42. togel kamboja
  43. Pengeluaran Cambodia
  44. judi bola
  45. demo slot
  46. Togel Kamboja
  47. keluaran Kamboja
  48. slot thailand
  49. togel kamboja
  50. keluaran kamboja
  51. togel Kamboja
  52. slot demo
  53. keluaran cambodia
  54. togel cambodia
  55. demo mahjong
  56. live draw macau
  57. slot thailand
  58. pengeluaran kamboja
  59. judi bola
  60. sbobet