Software performs Web application security testing.
Share:
Press Release Summary:
Enabling fast and accurate scans, Phoenix architecture helps analyze complex Web 2.0 applications to reveal undetectable vulnerabilities. Results are provided within seconds after assessment has started, and are reported continuously in real-time throughout scan. Other features include broad coverage, reduced false negatives, simultaneous scans, support for IPv6, and automated mechanisms for authentication management.
Original Press Release:
SPI Dynamics Unveils Phoenix, the Industry's First and Only Web Application Security Assessment Architecture Built to Test Web 2.0
Phoenix Architecture Raises the Bar for Automated Web Application Security Testing and Tackles Growing Problem of False Negatives
ATLANTA, Jan. 29 /- S.P.I. Dynamics, Inc. (www.spidynamics.com), the leading provider of web application security software and services, announced today the company's Phoenix architecture - the first and only technology able to analyze complex Web 2.0 applications to reveal previously undetectable vulnerabilities.
Today's web applications are complex and dynamic; combining client and server side processing with Web 2.0 technologies such as AJAX, SOAP, SOA and Flash. Traditional application scanners fail to discover security vulnerabilities exposed by use of these new technologies, resulting in high false negatives rates. The new web requires a fundamental revolution in assessment technology.
"Anyone developing web applications today should incorporate new Web 2.0 technologies to improve user experience and satisfy customer requirements," said Caleb Sima, co-founder and CTO, SPI Dynamics. "But implementation of these new technologies is a double-edged sword, creating enormous new attack surfaces that leave web applications more exposed than ever before. Leveraging our Phoenix architecture, SPI Dynamics is the first company to provide an automated web application security tool that can discover vulnerabilities in today's web applications. We are pleased to provide another leading innovation from SPI Dynamics to continue to ensure our customers receive the best and broadest web application security coverage."
The Phoenix architecture will provide the foundation for SPI Dynamics' entire product line, enabling faster, more accurate scans and facilitating analysis of the new dynamic technologies typically associated with Web 2.0. The first SPI Dynamics' product to utilize the Phoenix architecture is WebInspect(TM) 7, announced today (http://www.spidynamics.com/news/pr/pr12907b.html).
The new Phoenix architecture enables:
o Faster Scans, More Accurate Results - SPI Dynamics' new patent-pending
simultaneous crawl and audit (SCA) technology combines the application
crawl and audit into a single fluid process. By conducting these
activities in parallel instead of sequentially, scan times are reduced
by 50 percent or more.
o Immediate Results - This new auditing approach provides results to the
tester within seconds of starting an assessment and continues to report
in real time throughout the scan.
o Broader Coverage, Reduced False Negatives - WebInspect 7 includes
intelligent scanning engines capable of analyzing complex Web 2.0
technologies to provide broader testing coverage than possible with
earlier legacy scanning architectures. WebInspect 7 exposes application
logic that was previously hidden, revealing security vulnerabilities
undetectable through automated security testing.
o Simultaneous Scans - Users can now launch and manage multiple
concurrent scans, greatly increasing testing throughput with WebInspect
7.
o Advanced Authentication Management - New automated mechanisms eliminate
the complexities of authentication even with applications using
advanced technologies such as two-factor authentication or CAPTCHA.
WebInspect 7 can both authenticate with secure web applications and
detect when re-authentication is required. This is essential to ensure
complete coverage.
o Support for IPv6 - WebInspect 7 is ready for the future Internet with
full support for IPv6.
For more information on the new Phoenix architecture and WebInspect 7 available February 14, 2007, please visit www.spidynamics.com.
About S.P.I. Dynamics, Inc.
SPI Dynamics delivers a comprehensive suite of products and services (http://www.spidynamics.com/products/index.html) that help to identify and remediate web application and web services security vulnerabilities found at key stages throughout the web Application Lifecycle. SPI Dynamics solutions enable security professionals, QA testers, and developers to work together to assess, analyze, and remediate web applications and web services for security vulnerabilities, and verify compliance with over 20 security policies like SOX, HIPAA and PCI. The Company's unique approach, utilizing patent-pending Intelligent Engines(TM) technology combined with the largest web application security vulnerability knowledgebase in the industry, delivers unparalleled speed and accuracy. SPI Dynamics' research and development team, SPI Labs, is widely recognized as one of the world's leading authorities on web application security and risk management. The Company counts over 950 customers among Global 2000 enterprises, including over 90 U.S. Federal accounts. SPI Dynamics' strategic partners include Microsoft, IBM, Hewlett-Packard, CSC and Visa. SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information, visit www.spidynamics.com or call (866) 774-2700.
Source: S.P.I. Dynamics, Inc.
CONTACT:
Ashley Vandiver of S.P.I. Dynamics, Inc.,
+1-678-781-4841,
or mobile, +1-404-432-8657,
avandiver@spidynamics.com
Web site: www.spidynamics.com/
http://www.spidynamics.com/products/index.html