Wouldn’t it be nice if you could find and correct vulnerabilities in your Web applications before a hacker did? You can with Cenzic Hailstorm 2.0. An automated application security assessment tool, Hailstorm allows security managers, code developers, and departmental managers to create and run tests of application logic and security checks specific to their job functions, helping to ensure coding best practices and even regulatory compliance. Its clean and intuitive user interface allowed me to create and run a test job against a sample Web application in my lab in less than 10 minutes.
Test creation involves capturing a Web application into a structure called a Traversal and then defining a job to run against the Traversal. The job consists of the specific policies to test against the application, such as cross-site scripting, buffer overflow, and SQL attacks. Hailstorm comes with a great set of predefined policies, and it allowed me to edit existing policies and create new policies to meet my specific test requirements. When vulnerabilities are found, Hailstorm provides remediation information to help locate and correct the problem.
One of Hailstorm’s most impressive features is the reporting system. When a job completes, a wealth of information is presented to the job owner. You can drill down on a vulnerability to see the exact HTTP request and response from the Web server as well as the URL that generated the error. Hailstorm uses Crystal Reports to generate interactive charts. These allowed me to drill down into a vulnerability to view the specifics of the problem -- great for managers who must know just the results of tests. Hailstorm is a powerful new tool that proactively protects Web applications.
Cenzic Hailstorm 2.0
Cost: Subscription pricing starts at $35,000 per application per year for one application
You may still be better off sticking with Win7 or Win8.1, given the wide range of ongoing Win10...
Now that we're down to the wire, many upgraders report that the installer hangs. If this happens to...
Based on a technique created by a German blogger, here's how to stop wasting hours checking for Windows...
PowerShell is a valuable tool for automating Windows admin tasks, including laborious security chores
Are your assets bankable in 2017? Hiring managers say they'll seek out these skills most in the New...
Don’t delay, and don’t let empire-builders stand in the way of adopting devops
The free service for document-sharing with live code can be used for building machine learning models