Parasoft SOAPtest 4.0 Gives Enterprises the Ability to Develop Secure, Compliant, Reliable Web Services; First End-to-End Solution that Integrates Security Penetration Testing with Comprehensive Functional Testing for Thorough Web Services Development.MONROVIA, Calif. -- Parasoft Corporation, a leading provider of automated error prevention solutions for Web services and software development, announced today the release of SOAPtest 4.0, the first product to offer penetration testing as an integrated component of a comprehensive, automated Web services testing suite. First launched three years ago, SOAPtest is used by hundreds of organizations worldwide to validate the reliability, compliance and performance of their business critical Web services deployments. SOAPtest 4.0 introduces automated, repeatable penetration testing at the message level to detect Web services security vulnerabilities. Additional key features include support for UDDI (Universal Description, Discovery and Integration) An industry initiative for a universal business registry (catalog) of Web services turned over to the stewardship of OASIS in 2002 as the version 3 specification of UDDI was released. Registry, WS-Addressing and WS-ReliableMessaging. SOAPtest 4.0 is now the only enterprise-class product of its kind to embed attack scenarios into automated and repeatable functional testing of service-oriented architecture while testing compliance to the WS standards. "As we continue to leverage Web services to deliver critical business data, it is imperative that our security infrastructure is trusted and reliable," said Cort Bucher, senior director of technology for McGraw-Hill Construction. "Parasoft SOAPtest 4.0's capability to automatically generate penetration tests custom to our Web services implementation provides me with the assurance that our services are truly production ready." Parasoft works with customers to set their security policy, drive it down to the code level and enforce it at the development level. Parasoft promotes a three-tier approach to identify, correct, and prevent security vulnerabilities - static analysis, penetration testing, and dynamic analysis. "Parasoft SOAPtest helps companies overcome the vulnerabilities and roadblocks in developing secure, compliant, reliable Web services," said Wayne Ariola, vice president of corporate development at Parasoft. "Web services expose security vulnerabilities through commonplace flaws like X-path injections, XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. bombs, runtime errors and buffer overflows. SOAPtest 4.0 is an essential tool for enterprises deploying Web services to ensure their mission-critical applications are secure." What's new in SOAPtest 4.0: --Security penetration testing at the message level including SQL injections, XML bombs, parameter fuzzing, and XPath injections. --UDDI Registry support including a Query UDDI Tool that can be used to send inquiries to a UDDI registry for verification and validation Verification and Validation (V&V) is the process of checking that a product, service, or system meets specifications and that it fulfills its intended purpose. These are critical components of a quality management system such as ISO 9000. . --WS-Addressing and WS-ReliableMessaging support including automatic generation of WS-Addressing and WS-ReliableMessaging headers within the SOAP header. --Test Suite "Wizard" that allows automatic creation of security penetration tests, asynchronous Refers to events that are not synchronized, or coordinated, in time. The following are considered asynchronous operations. The interval between transmitting A and B is not the same as between B and C. The ability to initiate a transmission at either end. test suites, and tests from WSDL (Web Services Description Language) An XML-based language for defining Web services. Developed by Microsoft and IBM, WSDL describes the protocols and formats used by the service. , WSIL WSIL Web Services Inspection Language WSIL Web Services Invocation Framework WSIL Web Services Invocation Language , UDDI, and HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. traffic. --Load testing improvements including a bottom-up approach that allows users to define the exact number of virtual users for each profile. Availability SOAPtest 4.0 is available for Windows 2000, Windows XP, Linux and Solaris. Pricing starts at $3,495. About Parasoft Parasoft is the leading provider of innovative solutions for automated software test and analysis and the establishment of software error prevention practices as an integrated part of the software development lifecycle. Parasoft's product suite enables software development and IT organizations to significantly reduce costs and delivery delays, ensure application reliability and security, and improve the quality of the software they develop and deploy through the practice of Automated Error Prevention (AEP AEP - Application Environment Profile ). Parasoft has more than 10,000 clients worldwide including: Bank of America
Bank of America (NYSE: BAC TYO: 8648 ) is the largest commercial bank in the United States in terms of deposits, and the largest company of its kind in the world. , Boeing, Cisco, Disney, Ericsson, IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) , Lehman Brothers, Lockheed, Lexis-Nexis, Sabre Holdings, SBC and Yahoo. Founded in 1987, Parasoft is a privately held company privately held company A firm whose shares are held within a relatively small circle of owners and are not traded publicly. headquartered in Monrovia, CA. For more information visit: www.parasoft.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion