WebInspect (DAST)

The potential impact of hybrid analysis–combining dynamic and static testing methods–is clear.

You get the advantages of each – the vulnerability confirmation in a dynamic test with the application coverage, root-cause analysis, and line-of-code detail of static analysis. This breakthrough combines WebInspect’s advanced dynamic application security testing technology with the real-time application security technology of Fortify SecurityScope.

When used in together, WebInspect and Fortify SecurityScope can stimulate the application through automated, external security attacks, and then gather internal, code-level vulnerability information by observing the attacks in the code as they happen. You can now uncover real issues more quickly, determine root cause and deliver more actionable results to development for remediation.

With WebInspect Real-Time you can inspect parts of the application that it may not find through normal crawling, collect information about the internal behaviors of an application during dynamic tests and detect new types of vulnerabilities. As a result you filter out false positives, confirm vulnerabilities and provide the development team with more actionable details, such as stack trace and line of code detail.

Features

Resolve software security issues faster and more cost-effectively, deliver more actionable results to development, reduce application security tasks and simplify and automate secure software delivery.

Crawl more of your applications

Get automatic attack surface identification

Detect new types of vulnerabilities, e.g., privacy violation and log forging

Filter out false positives

Confirm vulnerabilities with Fortify SecurityScope

Provide actionable details, e.g., stack trace and line of code

Need more information.

We have you covered. Download one of the following sheets to get more details about Fortify on Demand.

DAST for the Enterprise

WebInspect Automated DAST

WebInspect DAST Data Sheet

Fortify on Demand

Fortify on Demand serves the role of an independent, third-party system of record, conducting a consistent, unbiased analysis of an application and providing a detailed tamperproof report back to the security and development teams.

Fortify on Demand is:

  • Easy to manage: No hardware, no software, and no maintenance
  • Fast: Results typically in less than 24 hours for static assessments
  • Compliant: Quickly pass compliance PCI, HIPAA, FISMA, and many other standards
  • Flexibility: Migrate easily and quickly to the Fortify on-premise solution and vice versa

If you would like more information on Fortify, contact us today!

Contact Us! Let's Talk!

NDM Technologies © 1994 - Present | Website Developed & Managed by C. CREATIVE, LLC