HP Security Research Blog
The HP Security Research blog provides a platform for security experts from across HP to discuss innovative research, industry observations, and updates on the threat landscape to help organizations proactively identify and manage risk.

HPSR Software Security Content 2014 Update 3

HP Software Security Research is pleased to announce the immediate availability of updates to HP Application Defender, HP WebInspect SecureBase (available via SmartUpdate), the HP Fortify Secure Coding Rulepacks (English language, version 2014.3.0), and HP Fortify Premium Content. 

 

The Software Security Research team translates cutting-edge security research into security intelligence that powers the HP Enterprise Security Products portfolio. Today, HPSR Software Security Content supports over 880 vulnerability categories across 22 programming languages and spans more than 806,000 individual APIs.

HP WebInspect Pro Tips: Login Macros

Why does a scanner need a login macro?

 

A comprehensive security assessment mandates complete coverage of the target application’s attack surface. It is crucial to find and fuzz all possible inputs to the application. A typical web application is partitioned into two major sections – a protected section which requires valid login credentials for access and an unprotected section for public access. It is equally important to assess both the protected and public sections of the target application.

HP WebInspect Pro Tips: Configuring Navigation Parameters

The quality of a dynamic scan is partly dictated by the ability of the scanner to effectively communicate with the target application. The application architecture, underlying design patterns and applicable web frameworks are a few details WebInspect can effectively leverage to understand and accurately map out the attack surface of the application under test. With a variety of web technologies available, custom code, new frameworks and so forth, every scan could use a little tweak to make it more effective. This post is the first in a new series of tips and tricks that we hope will help our customers create quality scans using WebInspect.

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.