WebInspect Banners

WebInspect why section

Go beyond black box testing.

Integrate dynamic and runtime analysis to find more vulnerabilities – and fix them faster. WebInspect crawls more of an application to expand the coverage of the attack surface and detect new types of vulnerabilities that can go undetected by black-box security testing technologies.

  • Robust authentication

    HP WebInspect utilizes the HPE TruClient macro recorder technology to abstract the authentication technology beneath the surface and focus on the user’s interaction with the web site. By recording and playing back the exact user actions on the web site WebInspect no longer needs to add support for specific authentication technologies.

  • Compliance templates

    HP WebInspect supports over 35 different compliance templates for both industry and international government requirements. Customers can test whether their applications meet the metrics set by PCI DSS, Sarbanes-Oxley,  HIPAA, EU Directive on Privacy and Electronic Communications and UK Data Protection just to name a few.

  • Start quickly. Scale easily.

    Start quickly and scale as needed. HP WebInspect dynamic application security testing (DAST) is available on demand or as a licensed product.

"HP WebInspect significantly increase(s) Gamania program development security and quality. Gamania now uses HP WebInspect to run a monthly fixed scan looking for web page security weaknesses. There is an almost 100 percent accuracy rate and the software instantly adjusts firewall settings, thereby automating security management."

Huang Weiqiang, Information Security Manager at Gamania

WebInspect Benefits

Benefits: Accelerate and elevate security.

HP WebInspect is a leading web application security assessment solution that analyzes complex web applications and services for security vulnerabilities. It accelerates dynamic security testing by accurately scanning your applications, identifying and prioritizing critical issues, and providing actionable reporting for the risk profile of your applications.

Keep in control of your scan by getting relevant information and statistics at a glance. Modules are interactive, letting you drill down to detailed, contextual information about the application crawl and scan results.

WebInspect Agent crawls more of an application to expand the coverage of the attack surface and detect new types of vulnerabilities that can go undetected by black-box security testing technologies. Integrate dynamic and runtime analysis to find more vulnerabilities—and fix them faster.

Run management reports on vulnerability trending, compliance management and risk oversight. Communicate with development on details and priorities of each vulnerability. Get compliance reports for all major industry and regulatory standards, including PCI, SOX, ISO, and HIPAA. 

Integrate into your defect management processes with out-of-the-box integrations for HP Application Lifecycle Management (ALM) ALM and Quality Center and data export via XML for open integration with other security management systems.

Why HPE?

HP Fortify: Leader in 2015 Gartner Magic Quadrant for Application Security Testing

HP Fortify continues its unbroken streak of leadership in every application security MQ ever issued.  Once again, Gartner has positioned HPE as a leader.

  • Gartner has named Fortify a leader in every Magic Quadrant for Application Security Testing they have ever produced. And the trend continues in 2015.
  • HP Fortify, the most broadly adopted SAST tool in the market, continues to deliver compelling innovations with IAST and RASP technologies.
  • Get the report.  To learn more about HP Application Security, visit hp.com/go/fortify.

According to Gartner, leaders in the AST (Application Security Testing) market demonstrate breadth and depth of AST products and services. Leaders should provide mature, reputable SAST, DAST and, desirably, IAST techniques in their solutions. Leaders also should provide organizations with AST-as-a-service delivery models for testing, or with a choice of a tool and AST as a service, using a single management console and an enterprise-class reporting framework supporting multiple users, groups and roles. In addition, Leaders should provide capabilities for testing mobile applications.

More information about the entire portfolio of HP Enterprise Security Products is available at hpenterprisesecurity.com. In addition, HPE Security Research delivers actionable security intelligence to the product portfolio while providing insight into the future of security and the most critical threats facing organizations today.