Web application security assessment and risk management solutions specialist Cenzic announced plans to expand internationally with the white-labeled version of its ClickToSecure Cloud solution to meet the growing needs of international partners. The release is designed to give managed security services providers (MSSPs), Web hosting providers/Internet Service Providers (ISPs), managed service providers (MSPs), and cloud vendors a turnkey solution to help secure their customers' Web applications and obtain compliance.
Launched in 2010, the Cenzic's ClickToSecure cloud offering for Web application security targeted small to medium-size businesses (SMBs) with its pricing model and cloud-based delivery method. The platform allows users to test their websites for vulnerabilities, conduct assessments in the cloud and check for compliance with various regulatory standards including PCI and European Privacy Law.
"Today's announcement places powerful web application security within reach of SMBs on a global scale," said John Weinschenk, president and CEO for Cenzic. "The new ClickToSecure Cloud allows international partners to easily expand into the security segment with an affordable, ready-made solution from leaders in the space. Ultimately, this will allow our partners to meet the growing demands of their customers in the ever-evolving face of cyber threats."
Josh Corman, research director for IT research firm The 451 Group, said Web application security compromises have remained a persistent issue among typically underserved SMBs. "High hurdles often prevent organizations from getting started, but OnDemand Cloud services like Cenzic's ClickToSecure can soften barriers like cost and training, providing the first step toward implementing Web application security," he said.
In February, Barracuda Networks Inc., Cenzic and the Ponemon Institute, released the results of the "State of Application Security Survey," which reveals respondents' perceptions and experiences protecting Web applications. The survey underscored the lack of adequate protection currently in use and overall insufficient resources and knowledge around Web application security.
According to 74 percent of respondents, Web application security is either more critical or equally critical to other security issues faced by their organizations. Despite this, the study shows there are many misconceptions around the methods used to secure Web applications, primarily Web application firewalls and vulnerability assessment.
The survey also found data protection (62 percent) and compliance (51 percent) were the top reasons for securing Web apps. Job protection was also a significant reason cited by 15 percent of respondents. Despite 51 percent listing compliance as a key driver for Web application security, 43 percent are not familiar with or have no knowledge of OWASP, a key component to compliance standards like PCI.
"The fact that a quarter of respondents could not provide a range for how many Web applications they have is a huge red flag right off the bat," said Mandeep Khera, CMO for Cenzic. "Furthermore, that 20 percent of organizations do not test at all and 40 percent test only five percent of their Web applications is shocking. And, most of these companies have been hacked multiple times through insecure Web applications. If you know that burglars come through a broken door repeatedly wouldn't you want to fix that door?"