Software developers and testers who use Borland's Gauntlet will now have an application security testing tool available...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Beginning this week, Cenzic's Hailstorm will be available as a plugin to Gauntlet, an automated system for building and testing code. Interested users may visit Borland's Web site to download a 30-day free trial of Gauntlet and a 60-day free trial of Hailstorm.
Gauntlet is a continuous integration system that improves visibility, software quality and developer productivity by proactively building and testing code, isolating defects, and reporting on key development metrics.
When developers check in code to Gauntlet, Hailstorm can automatically test it for security vulnerabilities and report security issues through the Gauntlet dashboard. Hailstorm provides automated security assessment of custom and commercial Web applications and works throughout the software development life cycle (SDLC) -- whether in development, QA or operations -- to help find and remediate security vulnerabilities, guide enforcement of internal security policies and support regulatory compliance.
Mandeep Khera, vice president of marketing at Cenzic, said by integrating Hailstorm with Gauntlet the company hopes to increase the awareness of application security issues and the importance of including security throughout the SDLC.
"This allows them to proactively look for vulnerabilities in new code that they're developing," he said. "If you're already testing applications, why not also test for security?"
If companies want to look for vulnerabilities in applications already in production, they can turn to Cenzic Hailstorm Enterprise ARC. With its intelligent dashboard, Cenzic Enterprise ARC gives companies the ability to automatically discover and inventory applications and provides a comprehensive view of application security status with a complete workflow from a central console.