HPE WebInspect

Most application security testing products may perform well when discovering vulnerabilities in mature web technologies, but they often lack the intelligence required to deeply and accurately analyze today’s Web 2.0 technologies. HPE WebInspect performs web application security testing and assessment for complex web applications built on emerging technologies. Through platform-independent dynamic security analysis in running applications, HPE WebInspect delivers fast scanning capabilities, broad security assessment coverage and accurate web application scanning results.

HPE WebInspect identifies security vulnerabilities that are undetectable by other scanners. With innovative assessment technology, such as simultaneous crawl and audit (SCA) and concurrent application scanning, you get fast and accurate automated web application and web services security testing.

Capabilities

Advanced, automated penetration testing – performs thousands of automated security tests such as SQL Injection and Cross-Site Scripting against running applications.

Unmatched accuracy – uses multiple analysis methods and intelligent security testing engines to confirm exploitable security vulnerabilities so that development teams can focus on fixing only the issues that really matter.

Client-side scripting support – HPE WebInspect statically analyzes client-side scripting code to truly understand the attack surface and function of modern web applications. With support for JavaScript, Flash, Silverlight and others.

Benefits

Find high priority vulnerabilities quickly – HPE WebInspect allows security teams to get started quickly in identifying the most pressing problems through intuitive wizards and componentized security testing.

Accelerated security through advanced testing automation – test more applications in less time with simultaneous crawl and audit technology that allows for more tests, in less time over many applications at once.

Quicker vulnerability remediation – extensive remediation descriptions, steps to reproduce an exploit, code samples & role based scenarios help development teams quickly pinpoint the problems that need to be fixed.

With HPE WebInspect, you can:
— automate web application and web service security testing;
— increase security testing technology coverage with platform-agnostic dynamic security analysis;
— run interactive, repeatable security scans easily via a sophisticated user interface.

Technical Specifications

ОS Windows 7 SP1 (32-/64-bit) (Recommended)
Windows XP Professional SP3 (32-bit)
Windows Vista SP2 (32-/64-bit)
Windows Server 2008 R2 (64-bit) (Recommended)
Windows Server 2003 SP2 (32-bit)
Processor 2.5 GHz Multi-Core or faster (Recommended)
1.5 GHz Single-Core (Minimum)
RAM 4 Gb (Recommended)
2 Gb (Minimum)
HDD 100+ Gb (Recommended)
10 Gb (Minimum)
Display 1280 x 1024 (Recommended)
1024 x 768 (Minimum)
Database Microsoft SQL Server 2008 R2 SP1 (No scan database limit) (Recommended)
Microsoft SQL Server 2008 SP3 (No scan database limit)
Microsoft SQL Server 2005 SP4 (No scan database limit)
Microsoft SQL Server Express Edition 2008 R2 SP1 (10 Gb scan database limit)
Microsoft SQL Server Express Edition 2008 SP3 (4 Gb scan database limit)
Microsoft SQL Server Express Edition 2005 SP4 (4 Gb scan database limit)
Platform Microsoft .NET Framework 3.5 Service Pack 1
Browser Microsoft Internet Explorer 8.0 (Recommended)
Microsoft Internet Explorer 7.0 (Minimum)
Mozilla Firefox 3.6 (Proxy Settings Only)
NIC An active Internet connection (Recommended – for updates)