Java IoT Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Pat Romanski, Roger Strukhoff

Related Topics: Cloud Security

News Feed Item

HP Launches Application Security Solutions to Help Customers Prevent Web Attacks

HP (NYSE:HPQ) today announced major new releases of its application security software designed to help companies lower costs and protect against malicious web attacks by hackers.

The new offerings are part of HP Application Security Center, a suite of software and services that helps companies ensure the security of their web applications by helping them discover, fix and prevent vulnerabilities that can be exploited by hackers. This video demonstrates one potential vulnerability.

New offerings include:

  • HP Assessment Management Platform 8.0 – helps customers reduce costs and mitigate application risk across the enterprise through a distributed, scalable web application security testing platform.
  • HP WebInspect 8.0 – helps customers thoroughly analyze complex web applications. This new release delivers fast, accurate security testing and remediation capabilities for web applications, including those built on emerging Web 2.0 technologies.
  • HP Software-as-a-Service (SaaS) Project Services for Application Security Center – help customers rapidly and cost-effectively implement their application security initiatives with a complete solution maintained and managed by HP.

“The cost of application security breaches, especially those that result in data being compromised, can be substantial,” said Chenxi Wang, principal analyst, Security and Risk Management, Forrester Research, Inc. “Forrester estimates that cost per record for a security breach is approximately $305 for companies in a highly regulated industry. This cost can be prohibitively high for companies that handle hundreds of thousands or millions of data records.”

With the new offerings from HP, IT executives can prioritize security issues by identifying the assets and data that matter most to their business. This approach allows organizations to focus their limited security resources on issues that have the greatest business impact. For example, organizations can prioritize security efforts for applications associated with credit card transactions and bring them into compliance with security guidelines from the Payment Card Industry (PCI).

“To ensure that our web applications are secure, we have incorporated security testing into every facet of our quality assurance and web application development life cycle,” said Erika Pecciotto, executive director of enterprise technology and quality, Sony Pictures Entertainment. “With HP Application Security Center, which is integrated with HP’s quality and performance testing solutions, our team of highly skilled security experts is now able to increase our security capabilities across our 25 development groups.”

Center of Excellence model improves security coverage, cuts costs

HP Assessment Management Platform 8.0 software helps customers set up a Center of Excellence (CoE) for application security. In a CoE model, a small team of security experts helps analyze the results of security tests that are implemented by people that may not have security expertise.

By using this model to test applications for security vulnerabilities within existing development, quality assurance and operations processes, organizations can increase security coverage across the enterprise at minimal cost. In addition, this model helps organizations find and fix security vulnerabilities earlier in the application design process which helps lower costs.

HP Assessment Management Platform 8.0 software helps customers:

  • Prioritize security issues based on the needs of the business, thereby focusing limited resources in areas that are needed the most.
  • Secure more applications with a small team of specialized application security experts by using a CoE model. This is enabled with new reporting capabilities and a new feature that lets users see how a remote scan is proceeding.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 software, which are based on the same testing and reporting code, help customers:

  • Find and fix security vulnerabilities in Web 2.0 applications with new static analysis capabilities for applications built on the Adobe® Flash platform and path tracing for dynamic JavaScript/Ajax applications.
  • Automate scans that previously could only be completed manually with support for Java™ Model View Control applications and new depth-first crawling capabilities that can find more security vulnerabilities.
  • Save time with automation features for faster assessment setup and out-of-the-box reporting features.

The new HP SaaS for Application Security Center Project Services provide full scanning and penetration testing services that are designed to:

  • Supplement customer security teams during critical projects or peak testing periods.
  • Provide expertise around the scanning requirements of Web 2.0 technologies.
  • Provide guidance on how to build out an effective compliance-driven web application security scanning practice across the entire enterprise.

HP Software Professional Services provides a full line of education, consulting and packaged services to help customers quickly adopt an effective application security program. These services help customers rapidly deploy HP WebInspect software and develop an Application Security Center of Excellence.

In addition, services provided by EDS, an HP company, help customers secure applications to reduce the risk of vulnerabilities. Additionally, Testing and Quality Assurance Services from EDS provide code scanning and application security testing from a global network of testing centers to ensure applications meet business expectations for security.

“HP Application Security Center helps IT organizations manage the growing risk of security breaches that take place through web applications,” said Jonathan Rende, vice president and general manager, Business Technology Optimization Applications, Software and Solutions, HP. “Today’s application modernization efforts are creating a better end-user experience but it may also produce websites that are more vulnerable to hackers.”


HP WebInspect 8.0 and HP Assessment Management Platform 8.0 are available now as licensed software products. HP Assessment Management Platform is expected to be available through HP SaaS in May.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 will be demonstrated at the RSA 2009 Conference in San Francisco, April 20-24, booth 246. They will also be featured at HP Software Universe 2009 in Las Vegas, June 16-18.

More information on the product launch is available at www.hp.com/go/stophackers.

About HP

HP, the world’s largest technology company, simplifies the technology experience for consumers and businesses with a portfolio that spans printing, personal computing, software, services and IT infrastructure. More information about HP is available at http://www.hp.com/.

Note to editors: More news from HP, including links to RSS feeds, is available at http://www.hp.com/hpinfo/newsroom/.

Adobe is a trademark of Adobe Systems Incorporated. Java is a U.S. trademark of Sun Microsystems, Inc.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance or market share relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include macroeconomic and geopolitical trends and events; the execution and performance of contracts by HP and its customers, suppliers and partners; the achievement of expected operational and financial results; and other risks that are described in HP’s Quarterly Report on Form 10-Q for the fiscal quarter ended January 31, 2009 and HP’s other filings with the Securities and Exchange Commission, including but not limited to HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2008. HP assumes no obligation and does not intend to update these forward-looking statements.

© 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
DXWorldEXPO LLC announced today that "Miami Blockchain Event by FinTechEXPO" has announced that its Call for Papers is now open. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expe...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER give you detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPO also offers s...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...