News Stay informed about the latest enterprise technology news and product updates.

Watchfire enhances AppScan, offers on-demand application security service

Watchfire has enhanced AppScan to include PHP fix recommendations and a SQL injection exploit extension. The company has also unveiled a new on-demand application security service.

Watchfire, a provider of Web application vulnerability assessment software and services, yesterday introduced AppScan 7.6, the latest enhancement of the company's flagship product.

AppScan 7.6 continues Watchfire's focus of automating a greater portion of the application security testing problem while providing users greater flexibility and control. Enhancements include new PHP fix recommendations geared to address one of the fastest growing Web development platforms and a SQL Injection Exploit eXtension that can further reduce false positives by demonstrating and validating the presence of this dangerous vulnerability.

Additional AppScan 7.6 capabilities include the following:

  • Developer essentials test policy
    Targets issues of primary interest to developers. Developers' efforts in Web application security can now be optimized with a high accuracy policy that focuses on the highest impact issues that are easiest to find, understand, and fix.
  • New compliance reports
    The industry's most comprehensive compliance reporting solution, AppScan includes 41 out-of-the-box compliance reports, including new NIST 800-53 (National Institute of Standards and Technology) and the latest "OWASP Top Ten 2007".
  • AppScan Reporter for Microsoft PowerPoint
    Continuing the momentum of the AppScan eXtension Framework introduced earlier this year, this new eXtension allows users to export scan results into a customized PowerPoint presentation, straight from AppScan.

New on-demand software as a service
Watchfire also announced AppScan OnDemand, a new outsourced service to manage web application vulnerability assessments. The new service makes it easy for organizations of all sizes and at various stages in the security testing maturity model to benefit from the latest features of AppScan 7.6.

The service is ideal for companies that have little application security expertise, for those purchasing third-party software, or for those that need to analyze business partners to ensure they meet acceptable security standards.

Different service offerings:

  • Basic Vulnerability Assessment
    This is the entry-level AppScan OnDemand offering and is designed for simple applications whereby Watchfire experts run AppScan and provide analysis and recommendations.
  • Comprehensive Vulnerability Assessment
    Watchfire experts conduct a comprehensive security scan using AppScan and incorporate manual testing and exploitation of findings. This caters to medium to large applications with heavy user access levels.
  • Advanced Application Security Test
    This is the premium offering and is designed to accommodate the largest and most complex applications. This service incorporates a comprehensive security test combined with manual techniques to give a full application-level assessment.

Pricing and availability
AppScan 7.6 is available immediately as an individual offering, with pricing starting at $14,400. For more information and to download AppScan 7.6, visit Watchfire's Web site.

AppScan OnDemand is available immediately, with three convenient levels of service starting at $5,000.

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.