Fortify WebInspect

WebInspect

WebInspect how it works

  • WI Overview 1

    The earlier in the development process that security vulnerabilities are discovered, the less expensive they are to fix. HP WebInspect gives security professionals and security novices alike the power and knowledge to quickly identify and validate critical, high-risk security vulnerabilities in applications running in development, QA, or production.

  • WI Overview 2

    Do more with less. HP WebInspect improves the effectiveness of your DAST efforts while lowering the cost of security vulnerability assessment and remediation. Advanced technologies like simultaneous crawl and audit and concurrent scanning makes powerful scanning technology accessible to even novice security testers. 

  • WI Overview 3

    Streamline the process of remediating vulnerabilities. WebInspect Enterprise establishes a shared security service to centralize and correlate results while distributing security intelligence (or testing capabilities) across an organization. 

WebInspect Screenshot

How WebInspect works

Drill down

HP WebInspect is an automated dynamic testing solution that discovers configuration issues, and identifies and prioritizes security vulnerabiities in running applications. It mimics real-world hacking techniques and provides comprehensive dynamic analysis of complex web applications and services. WebInspect reports and dashboards provide organizations with visibiitiy and an accurate risk posture of your applications.

Context from the inside

  • Observe application reaction to attacks at the code level during dynamic scans
  • Identify and crawl more of an application to expand the coverage of the attack surface
  • Provide stack traces and SQL queries to confirmed vulnerabilities

Actionable reports

  • Create flexible, extensible, and scalable reports that match your business requirements.
  • Contextually highlighted HTTP request and response immediately draw attention to the attack and the vulnerable response
  • Easily retest the entire site, just the vulnerabilities, or only a single vulnerability
  • Scan comparison allows for the delta analysis comparison of vulnerabilities across two scans

Customized workflow

  • Centralize your security intelligence using WebInspect Enterprise, which helps you understand the security risk of your organization.  Providing you the ability to view and manage your security portfolio to track vulnerability, confirm remediation, view metrics, progress and trends.
  • Extensive data export via XML for open integration with other security management systems
  • Automate regular security tasks using the HP WebInspect API

Ready to get started?

WebInspect is an automated dynamic testing tool that mimics real-world hacking techniques and attacks, and provides comprehensive dynamic analysis of complex web applications and services. 

This free trial software:

  • Integrates dynamic and runtime analysis
  • Includes technologies such as simultaneous crawl
  • Provides vulnerability trending, compliance management, and ROI information
  • Has prebuilt integrations for HP and other security testing and management systems
  • Provides dynamic application security testing (DAST) on demand or as a licensed product
  • Supports an enterprise-wide AppSec program