4 VendorsBlog
Login
We pay for content
Fortify WebInspect

Add to comparison

Fortify WebInspect

Pitch
Fortify WebInspect is the most most comprehensive Dynamic Application Security Testing Software Find and prioritize web application vulnerabilities.

Features of product

Проблемы Pain points
  • Risk of attacks by hackers
  • Risk of data loss or damage
  • Risk of lost access to data and IT systems
  • Risk or Leaks of confidential information
  • Unaurthorized access to corporate IT systems and data
Ценности Business Values
  • Ensure Security and Business Continuity
  • Reduce Costs
Матрица сравнения с конкурентами Matrix of comparison with competitors
Описание

About Product

  • Most comprehensive and accurate dynamic scanning tool. Seamlessly crawl modern frameworks and web technology. Use dynamic analysis to show exploitability of web application and web server vulnerabilities.
  • Automation and enterprise workflow integration. Fully automated solution that helps meet DevOps and scalability needs. Integrates with the SDLC without additional overhead.
  • Available on-premise, as a service or in hybrid. Start on-premise or as a service and expand according to your business needs. Manage DAST on-premise and as a service program centrally.
  • Compliance management. Pre-configured policies and reports for all major compliance regulations related to web application security, including PCI DSS, DISA STIG, NIST 800-53, ISO 27K, OWASP, and HIPPAA.
  • Manage enterprise application security risk. Manage application security risk and create reports for remediation and for management oversight. Monitor trends and use dynamic analysis to take action on vulnerabilities within an application.
  • Optimize scan results with agent technology. Get additional visibility and stack trace insight from scanned web applications. Optimize the scanning process based for both speed and accuracy using this technology.

WebInspect automation workflows

WebInspect automation workflows use build automation tools to manage the dynamic scanning ecosystem, including QA testing and cloud deployments. 

Dynamic analysis (DAST), combined with static analysis (SAST), provides more thorough coverage, but automating dynamic is more complex. You can either build your own tech stack, or borrow a framework. This guide helps you accelerate your automation by using existing test automation scripts/frameworks that other enterprises have already created as part of their DevOps practices.

Характеристики

Characteristics

Defect Tracking Integration

Yes

Continuous Integration Support (BDD)

Yes

Selenium Import/Integration (TDD)

Yes

Periodic/Scheduled Scans
Periodic Results Gap Analysis

Yes

IAST Module Hybrid Analysis
SAST Module Hybrid Analysis
Extensibility
WAF Virtual Patch Generation

Yes

Enterprise Console Management Features

Yes