Welcome!

Java IoT Authors: Carmen Gonzalez, Yeshim Deniz, Elizabeth White, Pat Romanski, Liz McMillan

Related Topics: Cloud Security

News Feed Item

HP Launches Application Security Solutions to Help Customers Prevent Web Attacks

HP (NYSE:HPQ) today announced major new releases of its application security software designed to help companies lower costs and protect against malicious web attacks by hackers.

The new offerings are part of HP Application Security Center, a suite of software and services that helps companies ensure the security of their web applications by helping them discover, fix and prevent vulnerabilities that can be exploited by hackers. This video demonstrates one potential vulnerability.

New offerings include:

  • HP Assessment Management Platform 8.0 – helps customers reduce costs and mitigate application risk across the enterprise through a distributed, scalable web application security testing platform.
  • HP WebInspect 8.0 – helps customers thoroughly analyze complex web applications. This new release delivers fast, accurate security testing and remediation capabilities for web applications, including those built on emerging Web 2.0 technologies.
  • HP Software-as-a-Service (SaaS) Project Services for Application Security Center – help customers rapidly and cost-effectively implement their application security initiatives with a complete solution maintained and managed by HP.

“The cost of application security breaches, especially those that result in data being compromised, can be substantial,” said Chenxi Wang, principal analyst, Security and Risk Management, Forrester Research, Inc. “Forrester estimates that cost per record for a security breach is approximately $305 for companies in a highly regulated industry. This cost can be prohibitively high for companies that handle hundreds of thousands or millions of data records.”

With the new offerings from HP, IT executives can prioritize security issues by identifying the assets and data that matter most to their business. This approach allows organizations to focus their limited security resources on issues that have the greatest business impact. For example, organizations can prioritize security efforts for applications associated with credit card transactions and bring them into compliance with security guidelines from the Payment Card Industry (PCI).

“To ensure that our web applications are secure, we have incorporated security testing into every facet of our quality assurance and web application development life cycle,” said Erika Pecciotto, executive director of enterprise technology and quality, Sony Pictures Entertainment. “With HP Application Security Center, which is integrated with HP’s quality and performance testing solutions, our team of highly skilled security experts is now able to increase our security capabilities across our 25 development groups.”

Center of Excellence model improves security coverage, cuts costs

HP Assessment Management Platform 8.0 software helps customers set up a Center of Excellence (CoE) for application security. In a CoE model, a small team of security experts helps analyze the results of security tests that are implemented by people that may not have security expertise.

By using this model to test applications for security vulnerabilities within existing development, quality assurance and operations processes, organizations can increase security coverage across the enterprise at minimal cost. In addition, this model helps organizations find and fix security vulnerabilities earlier in the application design process which helps lower costs.

HP Assessment Management Platform 8.0 software helps customers:

  • Prioritize security issues based on the needs of the business, thereby focusing limited resources in areas that are needed the most.
  • Secure more applications with a small team of specialized application security experts by using a CoE model. This is enabled with new reporting capabilities and a new feature that lets users see how a remote scan is proceeding.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 software, which are based on the same testing and reporting code, help customers:

  • Find and fix security vulnerabilities in Web 2.0 applications with new static analysis capabilities for applications built on the Adobe® Flash platform and path tracing for dynamic JavaScript/Ajax applications.
  • Automate scans that previously could only be completed manually with support for Java™ Model View Control applications and new depth-first crawling capabilities that can find more security vulnerabilities.
  • Save time with automation features for faster assessment setup and out-of-the-box reporting features.

The new HP SaaS for Application Security Center Project Services provide full scanning and penetration testing services that are designed to:

  • Supplement customer security teams during critical projects or peak testing periods.
  • Provide expertise around the scanning requirements of Web 2.0 technologies.
  • Provide guidance on how to build out an effective compliance-driven web application security scanning practice across the entire enterprise.

HP Software Professional Services provides a full line of education, consulting and packaged services to help customers quickly adopt an effective application security program. These services help customers rapidly deploy HP WebInspect software and develop an Application Security Center of Excellence.

In addition, services provided by EDS, an HP company, help customers secure applications to reduce the risk of vulnerabilities. Additionally, Testing and Quality Assurance Services from EDS provide code scanning and application security testing from a global network of testing centers to ensure applications meet business expectations for security.

“HP Application Security Center helps IT organizations manage the growing risk of security breaches that take place through web applications,” said Jonathan Rende, vice president and general manager, Business Technology Optimization Applications, Software and Solutions, HP. “Today’s application modernization efforts are creating a better end-user experience but it may also produce websites that are more vulnerable to hackers.”

Availability

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 are available now as licensed software products. HP Assessment Management Platform is expected to be available through HP SaaS in May.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 will be demonstrated at the RSA 2009 Conference in San Francisco, April 20-24, booth 246. They will also be featured at HP Software Universe 2009 in Las Vegas, June 16-18.

More information on the product launch is available at www.hp.com/go/stophackers.

About HP

HP, the world’s largest technology company, simplifies the technology experience for consumers and businesses with a portfolio that spans printing, personal computing, software, services and IT infrastructure. More information about HP is available at http://www.hp.com/.

Note to editors: More news from HP, including links to RSS feeds, is available at http://www.hp.com/hpinfo/newsroom/.

Adobe is a trademark of Adobe Systems Incorporated. Java is a U.S. trademark of Sun Microsystems, Inc.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance or market share relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include macroeconomic and geopolitical trends and events; the execution and performance of contracts by HP and its customers, suppliers and partners; the achievement of expected operational and financial results; and other risks that are described in HP’s Quarterly Report on Form 10-Q for the fiscal quarter ended January 31, 2009 and HP’s other filings with the Securities and Exchange Commission, including but not limited to HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2008. HP assumes no obligation and does not intend to update these forward-looking statements.

© 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Where many organizations get into trouble, however, is that they try to have a broad and deep knowledge in each of these areas. This is a huge blow to an organization's productivity. By automating or outsourcing some of these pieces, such as databases, infrastructure, and networks, your team can instead focus on development, testing, and deployment. Further, organizations that focus their attention on these areas can eventually move to a test-driven development structure that condenses several l...
The graph represents a network of 1,329 Twitter users whose recent tweets contained "#DevOps", or who were replied to or mentioned in those tweets, taken from a data set limited to a maximum of 18,000 tweets. The network was obtained from Twitter on Thursday, 10 January 2019 at 23:50 UTC. The tweets in the network were tweeted over the 7-hour, 6-minute period from Thursday, 10 January 2019 at 16:29 UTC to Thursday, 10 January 2019 at 23:36 UTC. Additional tweets that were mentioned in this...
Over the course of two days, in addition to insightful conversations and presentations delving into the industry's current pressing challenges, there was considerable buzz about digital transformation and how it is enabling global enterprises to accelerate business growth. Blockchain has been a term that people hear but don't quite understand. The most common myths about blockchain include the assumption that it is private, or that there is only one blockchain, and the idea that blockchain is...
Never mind that we might not know what the future holds for cryptocurrencies and how much values will fluctuate or even how the process of mining a coin could cost as much as the value of the coin itself - cryptocurrency mining is a hot industry and shows no signs of slowing down. However, energy consumption to mine cryptocurrency is one of the biggest issues facing this industry. Burning huge amounts of electricity isn't incidental to cryptocurrency, it's basically embedded in the core of "mini...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
The term "digital transformation" (DX) is being used by everyone for just about any company initiative that involves technology, the web, ecommerce, software, or even customer experience. While the term has certainly turned into a buzzword with a lot of hype, the transition to a more connected, digital world is real and comes with real challenges. In his opening keynote, Four Essentials To Become DX Hero Status Now, Jonathan Hoppe, Co-Founder and CTO of Total Uptime Technologies, shared that ...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.