Tripwire includes web application scanning with IP360
Posted on 07 June 2013.
Bookmark and Share
Tripwire announced that dynamic web application scanning is now included in IP360. This critical functionality enables customers to detect and prioritize web application vulnerabilities within the context of overall information security risk.

The quantity and value of data connected to web applications make them the target of frequent cyber attacks, and according to a 2013 report from White Hat Security, 86 percent of all websites tested had at least one serious coding error.

The Tripwire WebApp360 solution enables users to automatically detect web applications and identify IT vulnerabilities, allowing users to focus resources on the most important threats. With the addition of web application scanning, IP360 offers customers prioritized assessment of IT security risk across their entire network – from web applications to the underlying IT infrastructure supporting them.

The IP360 web application scanning solution includes coverage in all categories of the Open Web Application Security Project (OWASP) Top Ten. OWASP is the pre-eminent standards body that develops and maintains a consensus-driven list of the most critical web application security flaws.

The OWASP Top Ten is used by the U.S. Defense Information Systems Agency’s (DISA) DoD Information Assurance Certification and Accreditation Process (DIACAP) and is recommended by the U.S. Federal Trade Commission and MITRE, and it has been adopted by the Payment Card Industry Data Security Standards Council for the PCI Data Security Standard (PCI DSS) as well as many other standards.

“Web applications are widely used across enterprise – both internally and externally – but vulnerabilities in these critical applications aren’t detected with traditional network vulnerability scans,” said Tim Erlin, director of IT security and risk strategy for Tripwire. “The WebApp360 solution aims to close this gap by detecting web application vulnerabilities and presenting them in the context of overall network security.”





Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Apr 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //