Imperva Intros Closed Loop Solution for Managing Web Apps Security

Imperva, a provider of application data security solutions, said that it is introducing a closed loop solution for managing the Web application security lifecycle on production systems.

The Imperva SecureSphere Web Application Firewall (WAF), through bi-directional integration with vulnerability scanning tools from Cenzic, HP, IBM, and NT Objectives, addresses application security from quality assurance/testing into production, the company said. This combination meets the requirements of the Payment Card Industry (PCI) Data Security Standard (DSS) which mandates that organizations deploy a WAF or perform an application code review by June 30.

In addition, SecureSphere's Dynamic Profiling technology automatically detects and documents application changes in live applications and forwards this information to scanners.

It's increasingly clear that no matter how good we are at secure programming (SDLC) , and no matter how effective our code scanning and vulnerability analysis tools are, neither approach can 'solve' our web application security problem, said Rich Mogull, founder of Securosis, L.L.C. an independent security consulting practice. We also need to change how we view Web Application Firewalls. They can no longer be merely external boxes protecting against generic vulnerabilities; they need tighter integration into our applications. 1

Imperva's customers are leaders in virtually every industry segment, including e-commerce, financial services and healthcare, said Shlomo Kramer, president and CEO of Imperva. The bi-directional integration of vulnerability scanning products with Imperva's SecureSphere Web Application Firewall provides organizations with the industry's first true implementation of application security lifecycle management for production systems.

The turnkey integration of SecureSphere with Cenzic, HP, IBM, and NT Objectives will allow joint customers to detect and protect against web application vulnerabilities and threats, the company said. The following products are being integrated with SecureSphere:

- Cenzic: Hailstorm enterprise vulnerability testing and management software - HP/SPI: WebInspect web application security testing software - IBM/Watchfire: Watchfire AppScan Web application security testing suite - NT Objectives: NTOSpider web application vulnerability assessment tool

In addition to these product specific technical integrations, Imperva said it will deliver a set of open interfaces via the OpenSphere data security eco-system program.

((Comments on this story may be sent to newsdesk@closeupmedia.com))

((Distributed via M2 Communications Ltd - http://www.m2.com))

http://www.10meters.com
Comments on this story may be sent to newsdesk@closeupmedia.com