Access "Application Security: Cenzic's Hailstorm v2.6"
This article is part of the December 2005 issue of Top forensics tools for tracking down cybercriminals
Hailstorm v2.6 Cenzic Price: $15,000 per application per year (unlimited users, support and updates) @exb Hailstorm v2.6 @exe Vulnerability assessment and penetration testing technologies focused on Web applications remain very specialized areas, requiring multiple tools, techniques and expertise. Organizations that want to integrate security into their application development lifecycle can hire security consultants to perform pen tests on a regular basis, or can deploy a tool that does an acceptable job without requiring a full-time administrator. Cenzic's Hailstorm v2.6 presents a viable in-house option, allowing security architects to collaborate with QA and development staffs to test commercial and custom Web apps for known vulnerabilities and regulatory and corporate security policy compliance. Because its licensing is per application (for unlimited users), security architects can configure scan jobs and let QA engineers run them when required. Our testing was conducted on a custom Web application (IIS 5.0, ASP.NET) that we successfully scanned for ... Access >>>
Premium Content for Free.
Building A Perimeter Defense With Application-Level Firewalls
Learn how application level firewalls, when carefully deployed, can build perimeter defenses and prevent hackers from exploiting vulnerabilities, such as application code, to achieve attacks.
To Catch a Thief
Forensics tools aren't only used in high-profile cases.
On the Mend
Health care giant Novartis AG got a much-needed shot in the arm with a comprehensive risk assessment and revamped security management system.
Recent Releases: Security product briefs, December 2005
Learn about the security products released in December 2005.
Controlling the Uncontrollable
Organizations must leverage policy, and harness new protocols and technology to tame wild WLANs.
Information Security's 2006 Priorities Survey signals a transition for security managers from an operational to a more strategic stance.
- Building A Perimeter Defense With Application-Level Firewalls
Hot Pick: Citrix Systems' Citrix Access Essentials
Citrix Systems' Citrix Access Essentials
SSL VPN: Array Networks' Array SPX5000
A review of Array Networks' Array SPX5000
Configuration Management: Configuresoft's Enterprise Configuration Manager v4.7
Configuresoft's ECM v4.7
Application Security: Cenzic's Hailstorm v2.6
Cenzic's Hailstorm v2.6
Secure Reads: Mergers and Acquisitions Security
Read a review of the security book Mergers and Acquisitions Security.
- Hot Pick: Citrix Systems' Citrix Access Essentials
On The Radar: Security technology can't solve process problems
Perspectives: History teaches security lessons well
Expert Richard Bejtlich looks at the lessons learned in engineering disasters and applies them to information security.
Editor's Desk: Security for the corporate brand
Know Thy Business
Ping: Desiree Beck
- On The Radar: Security technology can't solve process problems
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...