Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

WebInspect Demo Site Update

‎12-12-2013 07:39 AM - edited ‎09-25-2015 10:19 AM

The web site used by the WebInspect product to demonstrate its functionality and effectiveness was significantly upgraded earlier this year.  The new version of was developed to allow WebInspect to showcase its enhanced capabilities against a website that more closely imitates the atmosphere of the modern web.  Using the Apache Struts framework, the Bootstrap Java framework, and the jQuery library, the site is more sleek and modern, but more importantly reproduces traffic similar to what WebInspect customers will see when they scan many of their own sites.  The new site was designed and developed with the intent to make it easy for the HP security team to add new modules, introducing new vulnerabilities or technologies when necessary. 



The username and password combination have changed from the legacy site, but are readily available to any user wishing to scan the site by hovering on the question mark icon on the login page.  The login mechanism is sufficiently advanced such that simply replaying the http traffic will not grant a user access. For an application security scanner to scan the site in an automated fashion it must have an event based macro recorder capable of replaying the user’s actions directly on the user interface.  WebInspect’s macro recorder is based on the TruClient product and handles this form of login mechanism with ease.


The new site is also more intelligent about when vulnerabilities are actually triggered by a request, requiring the user or scanner to send a successful attack before returning vulnerable traffic. It does this while still protecting the database from corruption to offer each tester the same experience with the site.  If you wish to scan the site with WebInspect you can download the trial version and give it a shot. 

0 Kudos
About the Author


on ‎12-18-2013 06:17 PM

I think you meant to say the website is using the Bootstrap css/js framework...

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Jun 7-9
Las Vegas
Discover 2016 Las Vegas
Discover 2016 in Las Vegas, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference and is the place to meet the world’s top information security talent, discuss new products and share information...
Read more
View all