Watchfire Unveils Web Security Solutions

Watchfire has released AppScan 7.6, the latest installment of its application vulnerability analysis tool, and has rolled out a debut of AppScan OnDemand, a service for checking the security exposure of Web applications.

The new AppScan 7.6 release is geared to further automate application security testing for in-house software deployment. New features in the latest release, available now for $14,400, include:

  • PHP fix recommendations that help developers address issues on the PHP platform, as well as ASP.NET and J2EE.
  • A new SQL Injection Exploit extension available from that attempts automatic extraction of database tables to detect dangerous SQL injection vulnerabilities.
  • A Developer Essentials Test Policy to help developers optimize Web application security.
  • Forty-one out-of-the-box compliance reports, such as the new National Institute of Standards and Technology 800-53 and the latest Open Web Application Security Project Top Ten 2007, along with a new AppScan Reporter for Microsoft PowerPoint extension for creating presentations of scan results directly into PowerPoint.

The new AppScan OnDemand service caters to firms with minimal or no application security knowledge, as well as to firms checking the security of business partner apps. The OnDemand service comes in three tiers, starting at $5,000, with the following options:

  • Basic vulnerability assessment. An option to check simple applications, in which Watchfire staff run AppScan, analyze the results and offer recommendations.
  • Comprehensives service. An option offered for medium-to-large apps with a large degree of user access. Watchfire specialists scan via AppScan and then manually test and exploit their findings.
  • Advanced service. An option that combines a comprehensive security test and manual testing to put massive, intricate applications through their paces.

About the Author

David Kopf is a freelance technology writer and editor.


  • Space Image

    Microsoft's Azure Sphere for IoT Devices Now Commercially Available

    Microsoft announced that its Azure Sphere solutions for Internet of Things (IoT) devices have reached the "general availability" (GA) commercial-release stage.

  • Nested Virtualization in Windows 10 Hyper-V

    To test the Windows 10X emulator, Brien needed to figure out how to configure Hyper-V to run on a Windows 10 virtual machine. Here's how he made it work.

  • Google Goes Live with Managed Service for Microsoft Active Directory

    Google's Managed Service for Microsoft Active Directory is now a "generally available" service, according to a Thursday Google announcement.

  • Dell Sells RSA Assets for $2 Billion

    Dell's RSA security solutions businesses, including the RSA Conference, were bought by a consortium of companies for about $2 billion, according to Tuesday announcements.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.