Kenai Systems Announces Availability of Web Services Inspection Tool for Web Services Vulnerability Assessment; Free Beta Version of eXamine 1.0 Now Available for Download.ROCKLIN, Calif. -- First Component of Complete Web Services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. Vulnerability Assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. and Management Solution Kenai Systems, Inc., the Web Services Vulnerability Assessment and Management ("VAM VAM Vinyl Acetate Monomer VAM Vesicular-Arbuscular Mycorrhizae VAM Vitt Ariskt Motstånd (Swedish: White Aryan Resistance) VAM Vitt Ariskt Motstånd (Sweden) ") experts, today announced the immediate availability of a free beta version A pre-shipping release of hardware or software that has gone through alpha test. A beta version of software is supposed to be very close to the final product, but, in practice, it is more a way of getting users to test the software in the first place under real conditions. of eXamine 1.0, a Web Services inspection tool that enables developers to import WSDL (Web Services Description Language) An XML-based language for defining Web services. Developed by Microsoft and IBM, WSDL describes the protocols and formats used by the service. files and to test with them for Web Services security vulnerabilities as defined in the WSDL document. eXamine 1.0 will be available as a free download until December 15 at www.kenaisystems.com. "The eXamine 1.0 product released today is the first member of a Kenai software product family that will provide a complete solution for Web Services Vulnerability Assessment and Management, addressing both design-based and attack-centric vulnerabilities," said Bill Kesselring, Chief Executive Officer of Kenai Systems. "Web services developers need a tool that will enable them to identify, mitigate, and test against the security vulnerabilities discovered in production environments. Kenai's complete solution will address security needs in the complete Web services life-cycle, including development, testing, and production. Enterprises will benefit increased security and more effective development and deployment processes." Web Services: Vulnerable to Attack Sixty-one percent of surveyed CIOs have said that security is their top Web Services concern. Web Services are vulnerable both to malicious attack and to failure in their ordinary course of operation as a result of design defects. Moreover, a majority of these vulnerabilities are "designed in", through either oversight on the part of developers, failure to consider current best practices or design gaps in the current generation of Web Services standards. Web Services vulnerabilities may be loosely grouped into two categories. First, design-centric vulnerabilities include those related to standards non-compliance, lack of authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. enforcement, mishandling of digital signatures and failure to encrypt See encryption. data. Second, attack-centric vulnerabilities include those aspects of Web Services that may be the target of probing attacks, coercive co·er·cive adj. Characterized by or inclined to coercion. co·er  cive·ly adv. parsing See parse. parsing - parser or external reference attacks. Industry analysts predict that the Vulnerability Assessment and Management security software market will grow to $2.2 billion by 2008. Gartner, a leading research firm, recommends that 50% of overall Web Services budgets should be spent on Web Services security. Introducing eXamine 1.0 "Detecting Web Services vulnerabilities is a time-consuming and manual process, and few developers have all the security expertise actually required," said Jack Quinnell, Chief Technical Officer of Kenai Systems. "eXamine 1.0 will help detect and eliminate Web Services vulnerabilities in the development phase and enable teams to build security into their Web Services." eXamine 1.0 is the first building block of a complete best-practices Vulnerability Assessment and Management solution. Key features of eXamine 1.0 include: --A complete Web Services developer test bench, including open, browse, save, list, search and display operations for WSDL files --Local and remote testing of Web Services, including WSDL files and a full suite of Request-Response operations --Complete logging of all executed requests and all communicated activity, which is essential for audit and quality assurance use --Small standalone stand·a·lone adj. Self-contained and usually independently operating: a standalone computer terminal. version footprint (6MB with Help files) --Available as a standalone tool and soon as an Eclipse plug-in Product Availability Developers can download a free beta version of eXamine 1.0 through December 15 from Kenai Systems' Website at www.kenaisystems.com. A commercial version of eXamine 1.0 will be available in December for USD USD In currencies, this is the abbreviation for the U.S. Dollar. Notes: The currency market, also known as the Foreign Exchange market, is the largest financial market in the world, with a daily average volume of over US $1 trillion. $70 per seat license. About Kenai Systems Kenai Systems, Inc. is a leading provider of Web Services Vulnerability Assessment and Management solutions. Kenai was founded in April, 2004, has headquarters in Rocklin, Calif. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion