Security Research
Showing results for 
Search instead for 
Do you mean 

Q3 2012 Update from Software Security Research

on ‎08-31-2012 03:56 PM

HP Software Security Research is pleased to announce the immediate availability of updates to HP WebInspect SecureBase (available via SmartUpdate), the HP Fortify Secure Coding Rulepacks (English language, version 2012.3.0.0008), and HP Fortify Runtime Rulepack Kits (version 2012.3.0.20). 


HP WebInspect SecureBase (WebInspect)

SecureBase combines checks for thousands of vulnerabilities with policies that guide users in identifying critical flaws in web applications under test. In summary, our latest release includes the following updates:

  • Session Management (OWASP Top Ten A3)
  • HTML5, XML HTTP Request (XHR)*, NoSQL CouchDB and MongoDB* enhancements
  • Cross-Site Scripting (XSS) filter bypass
  • Integrated Secure Sockets Layer (SSL) Testing* (OWASP Top Ten A9)
  • Mobile Attack Surface Enumeration*
  • Seven Pernicious Kingdoms Support*

HP Fortify Secure Coding Rulepacks (SCA)

As of this release, the Fortify Secure Coding Rulepacks detect 532 unique categories of vulnerabilities across 21 programming languages and over 710,000 individual APIs.  In summary, our latest update includes the following features:

  • Java 7
  • Microsoft ASP.NET MVC
  • DISA STIG 3.4

HP Fortify Runtime Rulepack Kits (RTA and SecurityScope)

As of this release, the HP Fortify Runtime Rulepack Kits detect 40 unique categories with RTA, 22 unique categories with AppSM, 13 unique categories with SecurityScope, and 10 unique categories for Dynamic Taint Analysis. In summary, the release covers:


RTA and AppSM Rulepack Kit

  • 4 New Categories

SecurityScope Rulepack Kit

  • CAPTCHA Framework Bypass
  • User Account Protections

Premium Content

SSR continues to extend and build upon security artifacts outside HP WebInspect SecureBase, the Fortify Secure Coding Rulepacks, and Fortify Runtime Rulepack kits.

  • DISA STIG 3.4 Report^

As always, we hope that you have found our products helpful and we welcome any feedback you have. 


* Requires HP WebInspect 9.3 (upcoming) or later
^ Requires HP SSC 3.60 (upcoming) or later

0 Kudos
About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Jun 7-9
Las Vegas
Discover 2016 Las Vegas
Discover 2016 in Las Vegas, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference and is the place to meet the world’s top information security talent, discuss new products and share information...
Read more
View all