HOME
IBM SOLUTIONS
HP SOFTWARE SOLUTIONS
RETAIL INTELLIGENCE
PROFESSIONAL SERVICES
EDUCATIONAL SERVICES
About SKY | Products | Customers | Partners | Contact Us | Careers | Site Map
HP SOFTWARE SOLUTIONS

"Sky IT Group is dedicated to assisting customers  in every aspect of Application Lifecycle Management (ALM). ALM improves software quality and productivity with tools, services, and training."

APPLICATION SECURITY


What is Web Application Security? 


Web application security is extremely complex and constantly changing. How can you master Web security for your organization in this intricate, dynamic environment?


Now, more than ever before, Web applications are a critical part of your business. Your employees, customers and partners prefer to do business online and trust that their transactions are secure. Your organization may have carefully protected its perimeter with intrusion detection systems and firewalls, but your firewalls have to keep Ports 80 and 443 (SSL) open in order to facilitate online business. These ports are open doors to hackers who have figured out thousands of ways to penetrate your web applications. What do you need to lock hackers out and secure your Web applications?


As an HP BTO Web Application Security parter, Sky IT Group is capable of offering our customers with a wide variety of Application Security products and solutions. SPI Dynamics is widely known as the web application security experts. SPI has built their web security expertise directly into their comprehensive suite of products and services that support the entire web application lifecycle from development and web application testing to deployment, ongoing security operations and compliance auditing. SPI Dynamics' suite of Web application security products help organizations build and maintain secure Web applications, preventing attacks that would otherwise go undetected by today's traditional corporate Internet security measures. The SPI products enable all phases of the software development lifecycle to collaborate in order to build, test and deploy secure applications.


The SPI Dynamics suite of tools can offer security solutions for:

Assessment Management

Security Professionals

Application Developers

QA Professionals 


Automated Application Assessment Management

SPI Dynamics Assessment Management PlatformTM (AMP) is the comprehensive platform for managing, tracking, and measuring Web application security risk. AMPTM automates application risk management across the enterprise by providing an organization-wide view of application security with centralized control. AMP is the only security platform that offers these innovative capabilities:

  • Remotely manages assessment activities of scan clients and their users
  • Enables monitoring of assessment activities in development, quality assurance testing and production
  • Manages and launches unlimited scans simultaneously
  • Distributed architecture provides the most scalable assessment platform possible
  • Engineers performing security assessments in the field can disconnect from AMP and then synchronize their results when they reconnect
Automated Penetration Testing

SPI Dynamics' software assists organizations in building and maintaining secure Web applications, which helps them guarantee hacker protection at the Web application layer. In addition, WebInspect helps to prevent attacks by promoting collaboration among developers, testers and security specialists and automating the process of penetration testing. Web applications created using SPI Dynamics products:

  • Resist attack or misuse, lessening the risk to online business operations
  • Are easier to certify as secure, helping prove regulatory compliance
  • Have significantly greater uptime and reliability
  • Cost less to develop, maintain and support
SPI Dynamics' WebInspect, provides the ability to pinpoint security vulnerabilities in Web applications quickly and easily.

Concerned about Java and Javascript security?

If your organization builds Web applications in Java, you are probably concerned about Java security and Javascript security. While there are built-in security features in Java and Javascript, these measures don’t protect against the most common vulnerabilities at the application layer. With WebInspectTM application security assessment tool, you can analyze your Web applications and Web services for vulnerabilities.

Concerned about .NET security?

SPI Dynamics' development products, DevInspect, give Visual Studio .NET developers a comprehensive toolset that proactively finds and fixes insecure code. For the first time, developers have the ability to build secure Web applications and services quickly and easily, without the need for specialized security knowledge and without the risk of slowing aggressive product release schedules.

SPI Dynamics' QAInspect extends testing environments with a comprehensive, automated security test. Most QA professionals are not security experts and are looking for tools to help them test Web applications for security.

QA professionals have learned that Web application security vulnerabilities must be treated like any other software defect. Organizations save time and money by identifying and correcting security defects early in the development process – long before Web applications are deployed in production environments. 

Tight Integration with HP Functional Testing Products

QAInspect is tightly integrated with all Mercury functional testing products, allowing QA professionals to analyze Web applications within their existing testing framework.


For HP Quality Center™  or TestDirector®- QAInspect enables QA professionals to plan, execute and manage automated Web application security testing from within the familiar Quality Center or TestDirector platforms. This allows QA professionals to easily leverage existing Quality Center and Test Director features for their security tests.


For HP QuickTest Professional™ or WinRunner™- QAInspect for WinRunner and QuickTest Professional is the only security product today that provides users the ability to leverage existing functional test scripts to perform automated security analysis. QAInspect converts existing functional scripts and enables users to import these converted scripts into the security scan. Not only does this save time by eliminating the need to manually create security scripts, but QAInspect also reduces scan time and allows the user to focus on specific pages and process flows. 


For HP Business Process Testing™ - SPI Dynamics' Business Process Testing components for HP Quality Center enable QA professionals to quickly and easily add application security testing into their existing Test Plan. These pre-written test scripts contain comprehensive automated security analysis. Now, the people who are most knowledgeable about the business process and the application functionality can quickly build comprehensive security tests without any security expertise. SPI Dynamics is the first and only company to provide a fully integrated BPT security accelerator for HP Quality Center. The SPI Dynamics BPT Security Accelerators are available as a plug-in to SPI Dynamics QAInspect.


Evaluate

 HP Professional Services

 HP Educational Services


Application Security Products

 Assessment Management Platform (AMP)

 WebInspect

 DevInspect

 QAInspect


Application Security Resources

 HP Application Security Resource Library

 Application Security Blogs

 Datasheet: HP web application security across the development lifecycle

 Datasheet: HP security assessment technology



Learn today how Sky I.T. Group can help you run I.T. like a business.

 Download Sky's HP Software Datasheet

 Contact Sky IT Group's HP Software Group, email us or call 866 SKY-3500 ext 107
 SOA Transformation
 Project & Portfolio Management
 Application Delivery
Application Security
 Application Management
 HP Professional Services
 HP Software Education

 
© 2010 Sky IT Group. All rights reserved.