Sanctum Announces General Availability of AppScan QA for Mercury TestDirector.Business Editors/High-Tech Writers SANTA CLARA Santa Clara, city, Cuba Santa Clara (sän`tä klä`rä), city (1994 est. pop. 217,000), capital of Villa Clara prov., central Cuba. , Calif.--(BUSINESS WIRE)--Dec. 8, 2003 First QA Tool to Fully Integrate Automated Security Testing Security Testing: (The) Process to determine that an IS (Information System) protects data and maintains functionality as intended. The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorisation, to Enable Accelerated Delivery of Bulletproof Refers to extremely stable hardware and/or software that cannot be brought down no matter what unusual conditions arise. See industrial strength. bulletproof - Used of an algorithm or implementation considered extremely robust; lossage-resistant; capable of correctly Applications Sanctum, Inc., the leader in automated Web application security firewall and testing solutions, today announced the general availability of AppScan(TM) QA 4.0 for Mercury TestDirector(R) 8.0 through a technology partnership with Mercury Interactive For another company with a similar name, see Mercury Computer Systems. HP Mercury (formerly Mercury Interactive) is a subsidiary of Hewlett-Packard that is a market leader in automated software quality assurance and offers products in other areas such as diagnostics, Corporation (Nasdaq:MERQ MERQ Mercury Interactive Corp (stock symbol) ). AppScan QA for Mercury TestDirector delivers an integrated testing platform to QA organizations to make Web application security testing an easy part of the daily QA process. Integrating AppScan QA with TestDirector provides QA engineers the ability to centrally manage and run all aspects of Web application testing application testing - system testing -- functionality, load and security -- from a single environment, providing customers with a lower total cost of operation, reduced business risk and accelerated delivery of secure applications. "The most effective way for enterprises to become more secure is to buy and build software that is more secure. Integrating security testing into development, QA and testing needs to be considered standard due diligence Research; analysis; your homework. This term has caught on in all industries, because it sounds so "wired." Who would want to do analysis or research when they can do due diligence. See wired. to prevent identity theft, cyber crime and business system downtime," said John Pescatore, vice president and research fellow at Gartner, Inc. "Integrating AppScan QA with the leading global test management solution follows through on Sanctum's ongoing commitment to building alliances that deliver comprehensive integrated security testing within familiar application development and testing environments," said Peggy Weigle, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Sanctum, Inc. "AppScan QA for Mercury TestDirector enables c-level executives to mandate faster time-to-market of highly secure applications by making security a priority for QA teams. Through this partnership, Sanctum and Mercury Interactive are taking the initiative of arming their users with the tools needed to reduce the cost and time to fix security-related defects." Features of AppScan QA for Mercury TestDirector include: Intelligent Testing--AppScan's intelligent testing engine provides automatic test creation, modification and maintenance processes needed to test and act on remediation of security defects including common Web vulnerabilities, application specific defects and any Web-based XML/SOAP application. Seamless Integration--Within the familiar testing hosts of the TestDirector environment, users can create and execute security tests for their Web application test plans, store and share configurations and sessions; keep information on past runs; and monitor progress along all as part of the normal QA run. Defect Management--Security defects are easily identified alongside typical feature, functionality and performance defects, within the TestDirector defect tracking In engineering, defect tracking is the process of finding defects in a product, (by inspection, testing, or recording feedback from customers), and making new versions of the product that fix the defects. and analysis system providing centralized control, distributed workload and low maintenance. Bug Fixes--Users are given comprehensive security advisories suitable for any audience, translating technical details into business terms and providing detailed fix recommendations and views of the test and response, empowering QA personnel to more efficiently communicate with developers for the resolution of defects. About AppScan QA Available as a standalone tool, or integrated with Mercury TestDirector, AppScan QA Edition is the only available tool for security testing during the QA phase. With its patented intelligent validation engine, AppScan QA covers the widest array of attack variants to test both new and existing infrastructures, including emerging Web services technologies containing XML XML in full Extensible Markup Language. Markup language developed to be a simplified and more structural version of SGML. It incorporates features of HTML (e.g., hypertext linking), but is designed to overcome some of HTML's limitations. and SOAP vulnerabilities. AppScan QA Edition delivers seamless integration into existing test systems, automation to deliver predictive, reproducible results and the ability to output detailed defect analysis results to all standard tracking and analysis systems. In compliance with the Capability Maturity Model (CMM (Capability Maturity Model) A process developed by SEI in 1986 to help improve, over time, the application of an organization's supporting software technologies. ) outlined by the Software Engineering Institute (SEI), AppScan supports software QA and quality management standards, a critical element of delivering quality software to the market. About Sanctum, Inc. Founded in 1997 and headquartered in Santa Clara, Calif., Sanctum, Inc. is the recognized leader for Web application security solutions. Sanctum software solutions provide automatic enforcement of intended business processes, ensuring the protection of core information and data. By detecting and defending against any unauthorized behavior, Sanctum protects customers against malicious cybercriminal See cybercrook. activity--from theft of intellectual property and customer data, to e-commerce fraud and Web site defacement--even if a site has unknown security holes or flaws. Sanctum's solutions complete a company's security infrastructure, assure regulatory compliance and create sustainable ROI (Return On Investment) The monetary benefits derived from having spent money on developing or revising a system. In the IT world, there are more ways to compute ROI than Carter has liver pills (and for those of you who never heard of that expression, it means a lot). . Sanctum's customers include industry leaders in finance, retailing, healthcare, government and telecommunications. Privately held, Sanctum is funded by blue-chip venture capital firms Name Location Founding date Managing Partners/Directors Specialty Capital managed 5AM Ventures Menlo Park, CA; Waltham, MA 2002 John Diekman, PhD (managing partner), Scott Rocklage, PhD (managing partner), Andrew Schwab (managing partner) life sciences $200M [1] and industry leaders including Sprout Group, Dell, Gemini Israel Funds, Fidelity Ventures, Wachovia Strategic Ventures Group, Mofet Israel Technology Fund and Walden Israel. For more information, visit www.SanctumInc.com or contact the Company directly at (408) 352-2000. AppScan is a trademark of Sanctum, Inc. Mercury and Mercury Interactive are trademarks or registered trademarks of Mercury Interactive Corporation or its subsidiaries in the United States and/or other countries. All other product names referenced are the property of their respective owners and are hereby acknowledged. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion