Borland integrates Cenzic application security tool with Gauntlet

By Michelle Davidson, Site Editor 30 Jan 2007 | SearchAppSecurity.com

Software quality news and advice Digg This!     StumbleUpon     Del.icio.us

Software developers and testers who use Borland's Gauntlet will now have an application security testing tool available to them.

Beginning this week, Cenzic's Hailstorm will be available as a plugin to Gauntlet, an automated system for building and testing code. Interested users may visit Borland's Web site to download a 30-day free trial of Gauntlet and a 60-day free trial of Hailstorm.

Gauntlet is a continuous integration system that improves visibility, software quality and developer productivity by proactively building and testing code, isolating defects, and reporting on key development metrics.

When developers check in code to Gauntlet, Hailstorm can automatically test it for security vulnerabilities and report security issues through the Gauntlet dashboard. Hailstorm provides automated security assessment of custom and commercial Web applications and works throughout the software development life cycle (SDLC) -- whether in development, QA or operations -- to help find and remediate security vulnerabilities, guide enforcement of internal security policies and support regulatory compliance.

Mandeep Khera, vice president of marketing at Cenzic, said by integrating Hailstorm with Gauntlet the company hopes to increase the awareness of application security issues and the importance of including security throughout the SDLC.

"This allows them to proactively look for vulnerabilities in new code that they're developing," he said. "If you're already testing applications, why not also test for security?"

If companies want to look for vulnerabilities in applications already in production, they can turn to Cenzic Hailstorm Enterprise ARC. With its intelligent dashboard, Cenzic Enterprise ARC gives companies the ability to automatically discover and inventory applications and provides a comprehensive view of application security status with a complete workflow from a central console.

Tags: Software testing tools and frameworks,  Software security testing and techniques,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Software testing tools and frameworks Performance testing tools - Commercial, less expensive and free Software Testing Ezines New IBM Rational, Tivoli integrated tools pair development with IT STPCon: Do reality checks on performance test products, panelists advise Demo: Using WebGoat, a free software testing tool Getting answers about OpenSTA script problems Defining core software regression tests Selecting the best tool for stress and load testing Required prerequisites for performance testing Surgient 7's self-provisioning promises software testers quick IT resource access Software security testing and techniques Web server weaknesses you don't want to overlook Using firewalls for software testing: Pros and cons Beating software's cross-site scripting, authentication problems Free Web proxy security tools software testers should get to know How to get management on board with Web 2.0 security issues Web application security best practices: Tips on implementation Testing strategies for complex environments How to make your software tamperproof Ways to approach application performance testing on a tight budget How can I tell if my software security has been breached?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary JUnit  (SearchSoftwareQuality.com) NUnit  (SearchSoftwareQuality.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary