WebApp360: Enterprise Class Web Application Scanning
Online systems such as banking, healthcare, e-commerce, and customer support portals increasingly collect and provide access to extremely sensitive data and internal systems that provide a juicy target for opportunistic hackers. Since mid-2006, web application vulnerabilities such as Cross-Site Scripting (XSS) and SQL Injection attacks have made up an increasing percentage of newly discovered vulnerabilities and actual reported intrusions.
The commonly held solution to securing web applications has been to perform security testing during development and QA. But what if the application was developed by a third party, and not the enterprise? What if an emergency code change occurred and the security analysis was insufficient? And what about the underlying operating system, adjacent applications, and databases connected to the web applications – none of which are tested by traditional web application scanners? Security assessments that occur during production are the only assessments that give enterprises real time, continuous knowledge of the security posture of their web applications. WebApp360 is designed for exactly that -- web application security testing for production environments.
- Complete web application infrastructure assessment , including web applications, underlying operating systems, and adjacent applications in production environments
- Comprehensive security risk analysis, combining web application coverage with network, operating system, and infrastructure exposure intelligence
- Leverages Tripwire's appliance-based architecture, eliminating the high cost of deployment and maintenance associated with other solutions
WebApp360 extends Tripwire’s market-leading security risk management platform, IP360, to include assessment of enterprise web applications, offering the industry’s most comprehensive view of IT security risk. WebApp360 enables enterprises to automatically and continuously detect critical web application vulnerabilities within the context of overall IT risk, enabling security teams to focus resources on the most important risks. Available as an integrated add-on module to IP360, WebApp360 benefits from IP360’s market-leading scalability, manageability, appliance-based architecture and vulnerability coverage. Together, WebApp360 and IP360 offer customers an unprecedented, prioritized assessment of IT security risk, from web applications to the underlying IT infrastructure supporting them.