QAInspect
Showing results for 
Search instead for 
Do you mean 

Can we use HP QAInspect for security testing of desktop application?

Highlighted
Occasional Contributor

Can we use HP QAInspect for security testing of desktop application?

We have application like Calculator, can we use HP QAInspect for security testing of desktop application like Calculator or it is always Web application.

4 REPLIES
Valued Contributor

Re: Can we use HP QAInspect for security testing of desktop application?

What type of security testing are you looking at doing for your desktop app?

Sorry, QAInspect, just like WebInspect is only for Web apps. QAInspect has better integration with Quality Center/ALM.

Quentin Baker
HP Application Security Center
Occasional Contributor

Re: Can we use HP QAInspect for security testing of desktop application?

We develop applications like client server applications where Client
sits on the Windows OS and Server is (Some hardware/embedded system having OS
QNX/UNIX) these client server applications communicate over the Ethernet?

Can QA inspect be used for these kind of applications?

 

Valued Contributor

Re: Can we use HP QAInspect for security testing of desktop application?

QAInspect can only be used to scan a web application, website, or web service.

See below for more information on our products:

 

https://www.fortify.com/products/HP_ASC/index.html

 

https://www.fortify.com/products/qa_inspect.html

 

Quentin Baker
HP Application Security Center
Honored Contributor

Re: Can we use HP QAInspect for security testing of desktop application?

However, the HP ASC group not only offers solutions for DAST testing of web apps, but also SAST testing of raw source code.  On the same HP Fortify web site that Quentin suggested you will find more details on our source code analysis solutions.  These can be leveraged inside an IDE, at build-time, et al, and currently support 19 languages.  These will be able to perform security testing of your client-server or desktop application.

 

Our web app testing tools (DAST) come by way of SPI Dynamics (2007 acquisition).  These include AMP, QAInspect, and WebInspect.

 

Our code testing tools (SAST) come by way of Fortify (2010 acquisition).  these include the F360 server, SCA, AWB, PTA, and RTA.

 

We are working on hybrid solutions for both of these, with WebInspect Real-Time (WebInspect coupled with SecurityScope) being the first packaged one.


-- Habeas Data
HP Fortify Customers-Only Forums – https://protect724.hp.com/community/fortify