Click here to return to the home page
Change Currency      
 
Search:

DevPartner SecurityChecker [2.5 Upgrade, for 1-5 Named User (Price Per Server) Win]


DevPartner SecurityChecker [2.5 Upgrade, for 1-5 Named User (Price Per Server) Win] boxshot. Reference Number: PRS. 155366
Availability: Usually delivered within 5 working days
Media: Electronic

£1465.00 (Ex. VAT)
Buy Now

 Published By:

Compuware


» Call me about this product
» All variants of this product
» Other products by this publisher
» Similar Products

Documents And Downloads:
» DevPartner SecurityChecker 2.5 Fact Sheet
» Security for ASP.NET Developers Compuware White Paper
Not what you're looking for? Use our free sourcing request service.

Most security solutions for Internet applications are focused on the production environment, checking and controlling security issues after applications are in production. They do little, however, to build security into applications from the start.
Developers now need a security assessment tool that can quickly detect, assess and record security vulnerabilities-and pinpoint their location in source code-in development and QA environments.
DevPartner SecurityChecker is just the solution: a powerful security analysis tool that quickly scans, locates and fixes known and potential security vulnerabilities in ASP.NET applications written in either C# or Visual Basic .NET. DevPartner SecurityChecker automates detection processes through a combination of runtime, compile-time and integrity analyses that pinpoint the exact location of vulnerable source code and hard-to-find security problems.

As noted in a recent industry report, over 70 percent of attacks against a company's network come at the application layer, not the network or system layer. DevPartner SecurityChecker is therefore unmatched; no other product provides critical runtime analysis for evaluating inner-layer security concerns with fast, accurate results.

Discover, analyze, resolve and repair

DevPartner SecurityChecker guides you through its three distinct operational phases:

  • The Discovery phase lets you choose either manual or automatic discovery, specify the solution to be analyzed, choose which types of analysis to use (compile-time, runtime, integrity, or any combination), create a discovery map to define specific portions of the application for analysis (or use an existing one) and start the analysis session.
  • The Analysis phase shows you a high-level graph and report of your application's vulnerabilities, a detailed list of each issue found ranked by severity, an explanation of the vulnerability and its source code, if applicable.
  • The Advisor phase provides you with a description, contextual information and suggested repairs for each vulnerability found, including references to trusted sources such as the Microsoft Developer Network, the Open Web Application Security Project (OWASP), CERT and various security publications.


DevPartner SecurityChecker is the most comprehensive application security analysis tool in the industry today. And now SecurityChecker 2.5 simplifies development best practices for ASP.NET application security more than ever through automated updates, expanded vulnerability rules and new reporting capabilities.

Downloadable Updates
DevPartner SecurityChecker 2.5 offers the ability to manually or automatically check for updates, so now it's even easier for development teams to stay on top of the latest security threats. When an update is found, SecurityChecker 2.5 prompts you to download and install the latest set of security vulnerability rules and information.

New Vulnerability Rules
SecurityChecker 2.5 has added new rules to the compile-time analyzer, run-time analyzer and integrity analyzer.

  • Five new rules have been added to the integrity analyzer -- the penetration testing tool -- to provide additional help in preventing Google hacks.
  • Five new rules have been added to the run-time analyzer in the areas of encryption and insecure coding practices and configurations.
  • Four new rules have been added to the compile-time analyzer -- the static source code analysis tool -- to check for additional insecure practices and configuration weaknesses.


Enhanced Reporting
Reporting ease of use and readability are major strengths of DevPartner SecurityChecker, and version 2.5 even further improves these capabilities. Also, two new reports have been added to SecurityChecker 2.5.

The first identifies and categorizes detected vulnerabilities using the top ten security flaws identified by the Open Web Application Security Project (OWASP). This report is available at both summary and detail levels and contains short descriptions of each detected vulnerability.

The second report categorizes detected vulnerabilities by generally accepted industry classification. Examples include SQL injection, Google hacks and buffer overflows. This report also is available at both summary and detail levels.

Team System Integration
Developers and QA testers can now create and submit security defect information found using DevPartner SecurityChecker 2.5 directly into the Team System Foundation Server defect tracking tool. In addition, users can insert defect data directly from SecurityChecker 2.5 into Team System Foundation Server without the need for re-typing detailed vulnerability information.

Terminal Services
In cases where a user does not have a local copy of Microsoft's Internet Information Server (IIS) or the Visual Studio IDE, a SecurityChecker session can be run on a remote server along with the ASP.NET application being analyzed. The SecurityChecker 2.5 session on the remote server can be controlled and viewed by the user on a local machine via the use of Terminal Services.

  • Reduced development costs: Security vulnerabilities are identified early in the application development life cycle as soon as the code can be compiled-enabling you to mitigate security risks early and inexpensively.
  • Development best practices: Application developers quickly acquire the necessary security expertise to quickly find and fix complex and hard-to-find security vulnerabilities.
  • Improved application quality: DevPartner SecurityChecker can locate security vulnerabilities that manual code inspection techniques and other automated-but less comprehensive-tools simply can't find. That means you can find and fix security bugs long before a hacker has a chance.
Operating Systems:
  • Windows 2000 Professional, Server and Advanced Server
  • Windows XP Professional
  • Windows Server 2003, Web, Standard and Enterprise

Visual Studio integration:

  • Visual Studio 2005
  • Visual Studio .NET 2003

Language support:

  • Visual C# .NET
  • Visual Basic .NET

Hardware:

  • Pentium III 850 MHz (1.5 GHz or faster)
  • 512 MB total system memory (1 GB is recommended)
  • 400 MB hard disk space

Note: Although SecurityChecker can be installed anywhere, approximately 260 MB of space will be consumed on your system partition. If insufficient space is available, the installation will fail. Please make sure that there is at least 260 MB of storage available on the system partition prior to installation.
Help
My Account
Corporate Info
Other Info
Secure Shopping
Copyright © Grey Matter Ltd. 1983 - 2008. Registered office: 2 Prigg Meadow, Ashburton, Devon, TQ13 7DF. Registered in England. Company no: 1671407. VAT no: GB 384904621.