eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Sanctum Inc., one of the pioneers of the application security market, next week plans to release the latest version of its flagship AppScan tool, which will include privacy control testing, regulatory compliance testing and the ability to assign unique identifiers to each test for tracking purposes.
AppScan 4.5 QA and Audit Edition has several other new features as well, many of which are focused on the task of making security tests more efficient and the results easier to act on. In the new version Sanctum has provided a way for testers to reduce the number of threads that AppScan uses during its tests in order to streamline the testing process. Users can also store their credentials for a target application before beginning a manual test, thereby avoiding the drudgery of having to re-enter them time after time.
The solution now includes a large database of recommended fixes for the defects and vulnerabilities it finds during tests, as well. The recommendations are in HTML code format and are specific to either the J2EE or .Net environment, depending on the users needs.
But perhaps the biggest addition to Version 4.5 is the inclusion of the regulatory compliance tests.
“Our customers came back to us and told us that the ability to test for regulatory compliance was an absolute must,” said Diane Fraiman, vice president of business development at Sanctum, based in Santa Clara, Calif. “Theyre getting pressure from management on this, so it becomes a security requirement.”
The software comes with several built-in templates for testing compliance with regulations such as Sarbanes-Oxley, HIPAA (Health Insurance Portability and Accountability Act) and other United States and European regulations. AppScan 4.5 also has the ability to run one test against an application and test for compliance with numerous regulations simultaneously.
AppScan 4.5 QA and Audit Edition will be available March 8 and will be sold via either enterprise or stand-alone licenses.
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: