Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

SANS reviews HP WebInspect

markpainter ‎11-15-2013 01:01 PM - edited ‎07-07-2015 09:30 AM

The SANS Institute recently did an in-depth evaluation of WebInspect to determine how well it meets market demands and its effectiveness in securing web applications. So we've known for years that the weakest points in modern infrastructures are web applications. Older web applications simply were not developed with security in mind, application development teams tend to stick to the original version of 3rd party components that ultimately become vulnerable, both old and new technologies alike continue to introduce new vulnerabilities, and on and on. There are myriad other reasons that application security only continues to increase in complexity, all of them making enterprises that much harder to secure. 

 

Ultimately, organizations need an application security solution that's both scalable and effective in finding and fixing web application vulnerabilities. SANS takes a close-up look at the latest version of HP WebInspect, and gives insight into how it can effectively be used to secure web applications. Along with an in-depth feature examination, SANS also reviewed WebInspect's effectiveness in meeting a variety of critical categories including:

 

•Automation and Ease in Configuration

•Support for Large Scans

•False Positive Reduction

•Advanced Attack Technique Simulation

•Detailed Reporting and Remediation Guidance

 

So how did WebInspect do? You can register and download the evaluation from here:

http://bit.ly/1e5ZwP7

 

As well, we cover the results in a webinar which can be viewed here:

https://www.sans.org/webcasts/securing-web-applications-simple-scalable-97022

 

Bonus: the webinar includes an extremely animated yours truly covering the current state of the application security landscape. That's worth the price of admission alone :-)

0 Kudos
About the Author

markpainter

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Events
Aug 29 - Sep 1
Boston, MA
HPE Big Data Conference 2016
Attend HPE’s Big Data Conference to learn from peers in every industry and hear from Big Data experts and thought leaders in an exciting, energy fille...
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference and is the place to meet the world’s top information security talent, discuss new products and share information...
Read more
View all