Welcome!

Java IoT Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Yeshim Deniz

Related Topics: Cloud Security

News Feed Item

HP Launches Application Security Solutions to Help Customers Prevent Web Attacks

HP (NYSE:HPQ) today announced major new releases of its application security software designed to help companies lower costs and protect against malicious web attacks by hackers.

The new offerings are part of HP Application Security Center, a suite of software and services that helps companies ensure the security of their web applications by helping them discover, fix and prevent vulnerabilities that can be exploited by hackers. This video demonstrates one potential vulnerability.

New offerings include:

  • HP Assessment Management Platform 8.0 – helps customers reduce costs and mitigate application risk across the enterprise through a distributed, scalable web application security testing platform.
  • HP WebInspect 8.0 – helps customers thoroughly analyze complex web applications. This new release delivers fast, accurate security testing and remediation capabilities for web applications, including those built on emerging Web 2.0 technologies.
  • HP Software-as-a-Service (SaaS) Project Services for Application Security Center – help customers rapidly and cost-effectively implement their application security initiatives with a complete solution maintained and managed by HP.

“The cost of application security breaches, especially those that result in data being compromised, can be substantial,” said Chenxi Wang, principal analyst, Security and Risk Management, Forrester Research, Inc. “Forrester estimates that cost per record for a security breach is approximately $305 for companies in a highly regulated industry. This cost can be prohibitively high for companies that handle hundreds of thousands or millions of data records.”

With the new offerings from HP, IT executives can prioritize security issues by identifying the assets and data that matter most to their business. This approach allows organizations to focus their limited security resources on issues that have the greatest business impact. For example, organizations can prioritize security efforts for applications associated with credit card transactions and bring them into compliance with security guidelines from the Payment Card Industry (PCI).

“To ensure that our web applications are secure, we have incorporated security testing into every facet of our quality assurance and web application development life cycle,” said Erika Pecciotto, executive director of enterprise technology and quality, Sony Pictures Entertainment. “With HP Application Security Center, which is integrated with HP’s quality and performance testing solutions, our team of highly skilled security experts is now able to increase our security capabilities across our 25 development groups.”

Center of Excellence model improves security coverage, cuts costs

HP Assessment Management Platform 8.0 software helps customers set up a Center of Excellence (CoE) for application security. In a CoE model, a small team of security experts helps analyze the results of security tests that are implemented by people that may not have security expertise.

By using this model to test applications for security vulnerabilities within existing development, quality assurance and operations processes, organizations can increase security coverage across the enterprise at minimal cost. In addition, this model helps organizations find and fix security vulnerabilities earlier in the application design process which helps lower costs.

HP Assessment Management Platform 8.0 software helps customers:

  • Prioritize security issues based on the needs of the business, thereby focusing limited resources in areas that are needed the most.
  • Secure more applications with a small team of specialized application security experts by using a CoE model. This is enabled with new reporting capabilities and a new feature that lets users see how a remote scan is proceeding.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 software, which are based on the same testing and reporting code, help customers:

  • Find and fix security vulnerabilities in Web 2.0 applications with new static analysis capabilities for applications built on the Adobe® Flash platform and path tracing for dynamic JavaScript/Ajax applications.
  • Automate scans that previously could only be completed manually with support for Java™ Model View Control applications and new depth-first crawling capabilities that can find more security vulnerabilities.
  • Save time with automation features for faster assessment setup and out-of-the-box reporting features.

The new HP SaaS for Application Security Center Project Services provide full scanning and penetration testing services that are designed to:

  • Supplement customer security teams during critical projects or peak testing periods.
  • Provide expertise around the scanning requirements of Web 2.0 technologies.
  • Provide guidance on how to build out an effective compliance-driven web application security scanning practice across the entire enterprise.

HP Software Professional Services provides a full line of education, consulting and packaged services to help customers quickly adopt an effective application security program. These services help customers rapidly deploy HP WebInspect software and develop an Application Security Center of Excellence.

In addition, services provided by EDS, an HP company, help customers secure applications to reduce the risk of vulnerabilities. Additionally, Testing and Quality Assurance Services from EDS provide code scanning and application security testing from a global network of testing centers to ensure applications meet business expectations for security.

“HP Application Security Center helps IT organizations manage the growing risk of security breaches that take place through web applications,” said Jonathan Rende, vice president and general manager, Business Technology Optimization Applications, Software and Solutions, HP. “Today’s application modernization efforts are creating a better end-user experience but it may also produce websites that are more vulnerable to hackers.”

Availability

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 are available now as licensed software products. HP Assessment Management Platform is expected to be available through HP SaaS in May.

HP WebInspect 8.0 and HP Assessment Management Platform 8.0 will be demonstrated at the RSA 2009 Conference in San Francisco, April 20-24, booth 246. They will also be featured at HP Software Universe 2009 in Las Vegas, June 16-18.

More information on the product launch is available at www.hp.com/go/stophackers.

About HP

HP, the world’s largest technology company, simplifies the technology experience for consumers and businesses with a portfolio that spans printing, personal computing, software, services and IT infrastructure. More information about HP is available at http://www.hp.com/.

Note to editors: More news from HP, including links to RSS feeds, is available at http://www.hp.com/hpinfo/newsroom/.

Adobe is a trademark of Adobe Systems Incorporated. Java is a U.S. trademark of Sun Microsystems, Inc.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance or market share relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include macroeconomic and geopolitical trends and events; the execution and performance of contracts by HP and its customers, suppliers and partners; the achievement of expected operational and financial results; and other risks that are described in HP’s Quarterly Report on Form 10-Q for the fiscal quarter ended January 31, 2009 and HP’s other filings with the Securities and Exchange Commission, including but not limited to HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2008. HP assumes no obligation and does not intend to update these forward-looking statements.

© 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments t...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
If a machine can invent, does this mean the end of the patent system as we know it? The patent system, both in the US and Europe, allows companies to protect their inventions and helps foster innovation. However, Artificial Intelligence (AI) could be set to disrupt the patent system as we know it. This talk will examine how AI may change the patent landscape in the years to come. Furthermore, ways in which companies can best protect their AI related inventions will be examined from both a US and...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (November 12-13, 2018, New York City) today announced the outline and schedule of the track. "The track has been designed in experience/degree order," said Schmarzo. "So, that folks who attend the entire track can leave the conference with some of the skills necessary to get their work done when they get back to their offices. It actually ties back to some work that I'm doing at the University of San...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...