Wednesday, 16. July 2008
Parasoft Thinks of Application Security
Parasoft, an independent software vendor, has announced the availability of enhanced data flow analysis capabilities. According to the company, Parasoft's Application Security Solution helps organizations rapidly identify high-risk runtime security vulnerabilities and monitor security policy compliance.
"Security should be an integral part of the SDLC, not an afterthought," said Neil MacDonald, vice president and fellow at research firm Gartner. "The notion of application 'quality,' which has traditionally focused on functionality and performance, must be expanded to include security. Native integration of security testing capabilities into the SDLC environment will increase the likelihood of acceptance by the development organization."
Parasoft officials said the new Parasoft Application Security Solution expands traditional data flow analysis from software quality to application security. The server-based solution simulates complex application execution paths to help development teams find vulnerabilities that might otherwise take weeks to find, or remain unnoticed until exploited.
According to the company, vulnerabilities detected include SQL injection, cross-site scripting, exposure of sensitive data, and other potential issues. The tests are done automatically, with no need for the teams to create or design test cases. The latest enhancements not only draw upon an extensive knowledge base of common attack patterns, but also enable organizations to map the data flow logic to their own security policy.
Related Links
http://www.parasoft.com/jsp/solutions/application_security_solution.jsp