Fortify WebInspect

WebInspect

software/webinspect | why | h1/h2

Fortify WebInspect

Automated dynamic application security testing (DAST) and interactive application security testing (IAST) technologies that mimics real-world hacking techniques and attacks, provides comprehensive dynamic analysis of complex web applications and services, and crawls more of the attack surface to exposes exploits.

Build an Enterprise Application Security Program

You can easily manage large-scale, distributed dynamic application security testing (DAST) programs across thousands of applications and increase security visibility across the organization.

(PDF 264 KB)

 

Dynamic Application Security Testing, on Demand

Need help scanning your web applications? Fortify on Demand is a managed application security testing service that enables organizations to quickly test the application security of a few applications or launch a comprehensive security program without additional investment in software and personnel.

(PDF 554 KB)

 

Go beyond black box testing with Interactive AppSec Testing (IAST)

Integrating dynamic and runtime analysis to find more vulnerabilities – and fix them faster. WebInspect Agent crawls more of an application to expand the coverage of the attack surface and detect new types of vulnerabilities that can go undetected by black-box security testing technologies.

State of Security in DevOps

Application Security and DevOps Report 2016.

Key Features

Comprehensive

Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

Dynamic AppSec Testing (DAST) and Interactive AppSec Testing (IAST)

Ability to test the dynamic behavior of running web applications and services to identify security vulnerabilities and integrating runtime analysis to expand the attack surface to identify issues in hidden directories and pages that go undetected by black-box testing alone. Integrating dynamic and runtime analysis to find more issues and fix them in a shorter period of time.

Technology made Simple

Optimize your testing resources. Advanced technologies, such as simultaneous crawl, bring professional-level testing to novice security testers.

Compliance Management

Easily inform management on vulnerability trending, compliance management, and risk oversight. Clearly communicate with development on details and priorities of each vulnerability. Get compliance reports for all major industry and regulatory standards (PCI, SOC, ISO and HIPAA).

Integration

Leverage prebuilt integrations for HPE Application Lifecycle Management and Quality Center and other security testing and management systems.

On Premise and On Demand

Start quickly and scale as needed. WebInspect dynamic application security testing (DAST) is available as a licenses product or on demand as a managed service.

Centralized Program Management

Build an enterprise-wide AppSec program that manages and provides visibility to your risk profile via dashboards and reports, so you can confirm remediation, track metrics, trends and progress. WebInspect Enterprise establishes a shared service to centralize results while distributing security intelligence.

previous
  • Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

  • Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

  • Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

  • Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

  • Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

next

Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

"HP WebInspect aumenta considerablemente la calidad y la seguridad en el desarrollo de programas de Gamania. Gamania utiliza actualmente HP WebInspect para realizar una exploración fija mensual de debilidades en la seguridad de las páginas web. El índice de precisión es de prácticamente el 100 % y el software ajusta de forma instantánea la configuración del firewall, automatizando la gestión de la seguridad".

Huang Weiqiang, Director de seguridad de la información de

Gamania

Resources

Case study

 

Cox Automotive eliminates security risks

 

(PDF 276 KB)

Data sheet

 

WebInspect Enterprise extends DAST solutions

 

(PDF 2 MB)

Data sheet

 

WebInspect dynamic application security testing

 

(PDF 481 KB)

Online assessment

 

How mature are your security operations?

 

Related Products and Services

Software Security

Fortify Software Security Center

Manage software risk across the entire secure SDLC—from development to QA and through production.

SAST

Fortify Static Code Analyzer

Automated static code analysis to help developers eliminate vulnerabilities and build secure software.

Application Security Testing

Fortify on Demand

Application Security as a Service.

Mobile Security

Mobile App Security

Secure your mobile stack from device to network communications to server.

Customer Support

Software Support

Meet your IT challenges with industry-leading service and support.

Engage with our Application Security Community

Protect Your Assets Blog

Get IT security insights to protect your business ahead of attackers anywhere in the world.

Security Research Blog

Get innovative research, observations and updates to help you proactively identify threats and manage risk.

Protect724 Community

Join the HPE Security community to share, search, collaborate for solutions and gain feedback.

HPE Security on Twitter

Get the latest tweets on hybrid environment risks and defending against advanced threats.

HPE Security on LinkedIn

Connect with experts and discuss the latest info on new threats and risk in hybrid environments.

HPE Software on Facebook

Join with peers and experts to discuss how to make your HPE software work for you.

HPE Software on Google+

Discuss the latest on how to make your enterprise applications and information work for you.

HPE Business Insights

Gain strategic insights from IT leaders who help others define, measure and achieve better IT performances.