Cenzic Hailstorm 2.0 automates security testing for Web apps
Wouldn’t it be nice if you could find and correct vulnerabilities in your Web applications before a hacker did? You can with Cenzic Hailstorm 2.0. An automated application security assessment tool, Hailstorm allows security managers, code developers, and departmental managers to create and run tests of application logic and security checks specific to their job functions, helping to ensure coding best practices and even regulatory compliance. Its clean and intuitive user interface allowed me to create and run a test job against a sample Web application in my lab in less than 10 minutes.
Test creation involves capturing a Web application into a structure called a Traversal and then defining a job to run against the Traversal. The job consists of the specific policies to test against the application, such as cross-site scripting, buffer overflow, and SQL attacks. Hailstorm comes with a great set of predefined policies, and it allowed me to edit existing policies and create new policies to meet my specific test requirements. When vulnerabilities are found, Hailstorm provides remediation information to help locate and correct the problem.
One of Hailstorm’s most impressive features is the reporting system. When a job completes, a wealth of information is presented to the job owner. You can drill down on a vulnerability to see the exact HTTP request and response from the Web server as well as the URL that generated the error. Hailstorm uses Crystal Reports to generate interactive charts. These allowed me to drill down into a vulnerability to view the specifics of the problem -- great for managers who must know just the results of tests. Hailstorm is a powerful new tool that proactively protects Web applications.
Cenzic Hailstorm 2.0
Cost: Subscription pricing starts at $35,000 per application per year for one application
You may still be better off sticking with Win7 or Win8.1, given the wide range of ongoing Win10...
An unlikely combination of two Windows updates can reduce scan times from hours to minutes
With myriad problems now evident, it may be best to skip the Anniversary Update for now
From Docker containers and Nano Server to software-defined storage and networking improvements, Windows...
Your killer resume and impeccable credentials have landed you an interview, and here's how to nail it ...
Tired of slow joins and poky graph analytics? These database solutions use GPU acceleration for faster...
When developers and suppliers carefully list the tools used to build an application and what...