Can we use HP QAInspect for security testing of desktop application? (543 Views)
Reply
Occasional Contributor
Sabale
Posts: 3
Registered: ‎08-22-2011
Message 1 of 5 (543 Views)

Can we use HP QAInspect for security testing of desktop application?

We have application like Calculator, can we use HP QAInspect for security testing of desktop application like Calculator or it is always Web application.

Valued Contributor
QBaker75
Posts: 113
Registered: ‎01-04-2011
Message 2 of 5 (541 Views)

Re: Can we use HP QAInspect for security testing of desktop application?

What type of security testing are you looking at doing for your desktop app?

Sorry, QAInspect, just like WebInspect is only for Web apps. QAInspect has better integration with Quality Center/ALM.

Quentin Baker
HP Application Security Center
Occasional Contributor
Sabale
Posts: 3
Registered: ‎08-22-2011
Message 3 of 5 (533 Views)

Re: Can we use HP QAInspect for security testing of desktop application?

We develop applications like client server applications where Client
sits on the Windows OS and Server is (Some hardware/embedded system having OS
QNX/UNIX) these client server applications communicate over the Ethernet?

Can QA inspect be used for these kind of applications?

 

Valued Contributor
QBaker75
Posts: 113
Registered: ‎01-04-2011
Message 4 of 5 (530 Views)

Re: Can we use HP QAInspect for security testing of desktop application?

QAInspect can only be used to scan a web application, website, or web service.

See below for more information on our products:

 

https://www.fortify.com/products/HP_ASC/index.html

 

https://www.fortify.com/products/qa_inspect.html

 

Quentin Baker
HP Application Security Center
Respected Contributor
HansEnders
Posts: 613
Registered: ‎07-01-2008
Message 5 of 5 (523 Views)

Re: Can we use HP QAInspect for security testing of desktop application?

However, the HP ASC group not only offers solutions for DAST testing of web apps, but also SAST testing of raw source code.  On the same HP Fortify web site that Quentin suggested you will find more details on our source code analysis solutions.  These can be leveraged inside an IDE, at build-time, et al, and currently support 19 languages.  These will be able to perform security testing of your client-server or desktop application.

 

Our web app testing tools (DAST) come by way of SPI Dynamics (2007 acquisition).  These include AMP, QAInspect, and WebInspect.

 

Our code testing tools (SAST) come by way of Fortify (2010 acquisition).  these include the F360 server, SCA, AWB, PTA, and RTA.

 

We are working on hybrid solutions for both of these, with WebInspect Real-Time (WebInspect coupled with SecurityScope) being the first packaged one.


-- Habeas Data
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.