Compuware seeks to secure Web apps with tool upgrade -- ADTmag

Compuware seeks to secure Web apps with tool upgrade

By ADT Staff
January 25, 2006

Compuware is announcing the general availability of a new version of its security analysis tool DevPartner SecurityChecker. Version 2.0 offers full integration with Microsoft Visual Studio 2005, enabling dev and testing teams to improve the quality of their Microsoft ASP.NET apps by locating and fixing security vulnerabilities early in the app life cycle, according to the company.

The security assessment tool is designed to help developers achieve app security by automatically identifying security vulnerabilities through a combination of white-box (code scanning and run-time analysis) and black-box (penetration testing) testing techniques. It also pinpoints the location of the vulnerabilities in source code.

Compuware offers a security assessment service for ASP.NET apps to those orgs that require specific expertise. Through this offering, a Compuware technician reviews the identified app, then performs a security assessment using DevPartner SecurityChecker, applying three analysis modes to the application. These modes focus on code-base analysis, run-time analysis and simulation of attacks from a hacker's point of view. The Compuware consultant then delivers a detailed report the customer can use to investigate and correct found vulnerabilities.

DevPartner SecurityChecker 2.0 is available at $12,000 per concurrent user. Volume discounts are available. Other Compuware products that currently support Visual Studio 2005 are DevPartner Studio 8.0 and DevPartner Fault Simulator 1.5. In the spring of 2006, Compuware plans to release the next version of its functional testing tool, TestPartner, which will support and integrate with Microsoft Visual Studio 2005 Team System. Compuware will demonstrate these solutions next week at the VSLive! San Francisco Conference (booth #706).