Trend Micro Launches Web App Security Platform

Web App Security includes automatic protection at the platform level and native integration with Web application firewalls.

Security software specialist Trend Micro announced the launch of Web App Security, a service offering designed to provide security with vulnerability detection and protection for Web applications and the platforms they are deployed on throughout an organization.

Incorporated directly into the offering, unlimited secure sockets layer (SSL) certificates keep applications protected, and management is integrated into the central console of the platform. A part of the Trend Micro Cloud and Data Center Solution, the service offers detection capabilities across Web applications and the platform environments they are deployed on.

The aim is to provide Web App Security customers with the ability to not only detect vulnerabilities with both automated and hands-on expert testing, but also protect those applications from discovered threats.

"As attacks grow in sophistication and volume, our team is working diligently to ensure that customers are ready," Kevin Simzer, senior vice president of marketing and business development at Trend Micro, said in a statement. "Providing comprehensive detection and protection capabilities through a scalable cloud service helps to set Trend Micro apart from traditional offerings. Organizations deploying Web App Security as a Service are able to benefit from proven security combined with a compelling package of cost-effective detection, protection and SSL certificates."

Detection functionality is supported by the acquisition of the Web application scanning service, IndusGuard from IndusFace. The SSL component of the solution stems from the acquisition of startup AffirmTrust—from the founders of GeoTrust—which provides access to unlimited SSL certificates, including the secure Extended Validation (EV) certificate. The service is available in North America with a global rollout planned for 2014.

Web App Security also includes automatic protection at the platform level and native integration with Web application firewalls to provide a closed loop of protection. By offering an approach to Web application scanning that includes both automated and expert analysis, false positives can be avoided and organizations freed up to focus on other areas of concern, including compliance auditors for regulations like payment card industry (PCI) and Health Insurance Portability and Accountability Act (HIPAA).

"Customers are faced with an increasing amount of their business information being made available via Web apps from the data center and the cloud, driven by the need to provide better access and improved communication. However, this presents several challenges: increased risk of application compromise and data breach, escalating costs to secure each app, and compliance requirements based on the data being shared," Steve Neville, director of cloud and data center security at Trend Micro, said in a statement. "Because of this complexity, traditional approaches to securing these applications fall short, forcing a significant administrative and cost burden to the end customer."