HOME

TheInfoList



OR:

HP Application Security Center (ASC) was a set of technology solutions by
HP Software Division Micro Focus International plc is a British multinational software and information technology business based in Newbury, Berkshire, England. The firm provides software and consultancy. The company is listed on the London Stock Exchange and is ...
. Much of the portfolio for this solution suite came from HP's acquisition of SPI Dynamics.HP to acquire SPI Dynamics for Web security
June 19, 2007 By SearchSecurity.com Staff
The software solutions enabled developers, quality assurance (QA) teams and security experts to conduct
web application security Application security (short AppSec) includes all tasks that introduce a secure software development life cycle to development teams. Its final goal is to improve security practices and, through that, to find, fix and preferably prevent security ...
testing and remediation. The security products have been repackaged as enterprise security products from the HP Enterprise Security Products business in the
HP Software Division Micro Focus International plc is a British multinational software and information technology business based in Newbury, Berkshire, England. The firm provides software and consultancy. The company is listed on the London Stock Exchange and is ...
.


Products

HP Application Security Center consisted of the following products: * HP Assessment Management Platform software for managing a web application security testing program across the application lifecycle * HP WebInspect software for web application security testing and assessment * HP QAInspect software for standardized web application security testing during quality assurance (QA) testing In May 2008, HP Software announced the availability of HP Application Security Center through HP Software as a Service [] along with the announcement of new releases of the HP Application Security Center products. In September 2009, HP announced that it was discontinuing the HP DevInspect software products, formerly part of HP Application Security Center. HP stated that it had switched its focus to solutions for entire development groups rather than on a tool for individual developers. HP DevInspect was software for individual developers to use in creating secure web applications and services, and it integrated with specific IDEs (Integrated Development Environments). HP DevInspect for .NET operated with Microsoft Visual Studio, and HP DevInspect for Java operated with Eclipse or Rational (IBM) Application Developer.


Benefits

HP Application Security Center solutions helped find and fix security vulnerabilities for web applications throughout the application software development lifecycle (SDLC). By catching security vulnerabilities early in the application development lifecycle, organizations could reduce web attacks and vulnerabilities in their web applications. While some security vulnerabilities may exist in the web server or application infrastructure, at least 80 percent of those vulnerabilities existed in the web application itself. HP Application Security Center also creates compliance reports for more than 20 laws, regulations and best practices, including PCI DSS (Payment Card Industry Data Security Standard).“HP Application Security Center and the Payment Card Industry (PCI) Data Security Standard (DSS)”
/ref> PCI DSS is a worldwide information security standard defined by the Payment Card Industry Security Standards Council.


More Information on Application Security

*
Application security Application security (short AppSec) includes all tasks that introduce a secure software development life cycle to development teams. Its final goal is to improve security practices and, through that, to find, fix and preferably prevent security ...
*
SQL injection In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL inj ...
*
Cross-site scripting Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may ...
* PCI DSS
Payment Card Industry Data Security Standard The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council and its use ...


External links


HP Software



References

Application Security Center