WebInspect (DAST)

What's the Cost?
How does it work?
Need more Info?

The potential impact of hybrid analysis–combining dynamic and static testing methods–is clear.

You get the advantages of each – the vulnerability confirmation in a dynamic test with the application coverage, root-cause analysis, and line-of-code detail of static analysis. This breakthrough combines WebInspect’s advanced dynamic application security testing technology with the real-time application security technology of Fortify SecurityScope.
 

When used in together, WebInspect and Fortify SecurityScope can stimulate the application through automated, external security attacks, and then gather internal, code-level vulnerability information by observing the attacks in the code as they happen. You can now uncover real issues more quickly, determine root cause and deliver more actionable results to development for remediation.

With WebInspect Real-Time you can inspect parts of the application that it may not find through normal crawling, collect information about the internal behaviors of an application during dynamic tests and detect new types of vulnerabilities. As a result you filter out false positives, confirm vulnerabilities and provide the development team with more actionable details, such as stack trace and line of code detail.

Features

Resolve software security issues faster and more cost-effectively, deliver more actionable results to development, reduce application security tasks and simplify and automate secure software delivery.
  • Crawl more of your applications
  • Get automatic attack surface identification
  • Detect new types of vulnerabilities, e.g., privacy violation and log forging
  • Filter out false positives
  • Confirm vulnerabilities with Fortify SecurityScope
  • Provide actionable details, e.g., stack trace and line of code
Need more information.

We have you covered. Download one of the following sheets to get more details about Fortify on Demand.

DAST for the Enterprise

DOWNLOAD NOW

WebInspect Automated DAST

DOWNLOAD NOW

WebInspect DAST Data Sheet

DOWNLOAD NOW

Fortify on Demand
Fortify on Demand serves the role of an independent, third-party system of record, conducting a consistent, unbiased analysis of an application and providing a detailed tamper-proof report back to the security and development teams. Fortify on Demand is:
  • Easy to manage: No hardware, no software, and no maintenance
  • Fast: Results typically in less than 24 hours for static assessments
  • Compliant: Quickly pass compliance PCI, HIPAA, FISMA, and many other standards
  • Flexibility: Migrate easily and quickly to the Fortify on-premise solution and vice versa
LEARN MORE

If you would like more information on this service, contact us today!

Contact Us