March 11, 2010
Hot topics :

Why Wait For Hackers?

Testing new applications for security weaknesses is a process that is often performed from the outside-in. Security administrators and/or Q/A teams receive applications that are already in their near-final form for testing, and they proceed to bombard them with various forms of hack attempts--either manually or systematically via specialized tools--in order to determine their vulnerabilities. Or, even worse, the product could be released with no such security testing done at all; relegating the vulnerability testing of the application to the actual attackers waiting to exploit their weaknesses. Needless to say, should vulnerabilities be discovered at this phase it's too late: The barbarians have already breached the fortress. And even if you do have in-house black-box testing, vulnerabilities found at such a late stage in the development of the product can be costly; both in terms of the effort needed to correct the issues and the inevitable product delays.

Compuware this week released the latest version of their DevPartner SecurityChecker tool, which seeks to back the security testing of an application all the way up to the early development phase. The utility can be used for both white-box and black-box security testing of an application; with the white-box methods examining the actual code itself for security vulnerabilities and directly reporting the offending code for speedy remediation. Such inside-out testing helps the organization catch security vulnerabilities in their applications throughout the development process, from the moment the code can compile.

Among the other highlighted entries in this week's collection of Enterprise IT Planet Product Guide briefings is an EMC trifecta: Symmetrix DMX-3 will soon qualify for use with up to 2,400 drives (that's over a Petabyte of disk storage); Centera debuts enhanced file retention capabilities in the Governance and Compliance Edition Plus versions; and for those of you who want NAS file access with SAN-like performance, the Celerra Multi-Path File System will soon be available for iSCSI implementations.

Jump to:

Security
DevPartner SecurityChecker
CounterACT
GFI MailEssentials

Networking:
SD4000 Series
Asset Trustee

Storage
Celerra MPFS/MPFSi
EMC Centera
Symmetrix DMX
ZyIMAGE

Featured Security Products:

DevPartner SecurityChecker
Compuware Corp.
Assessment tool analyzes ASP.NET code for security vulnerabilities during the development cycle. New release adds over thirty new integrity checking rules and Visual Studio 2005 integration.

CounterACT
ForeScout Technologies, Inc.
Appliance-based platform provides agent-less Network Access Control, intrusion prevention, and vulnerability assessment capabilities. Now able to detect/disable rogue wireless access points.

GFI MailEssentials
GFI Software Ltd.
Server based anti-spam filter for MS Exchange or SMTP/POP3 E-mail servers. Now with anti-phishing capabilities.

Featured Networking Products:

SD4000 Series
Opengear Inc.
Devices provide the ability to remotely access a device over the Web, through the LAN, or via dial-up access. Includes tunneled VNC, RDP, and HTTP access capabilities.

Asset Trustee
FileWave, Inc.
Provides a centralized means for corporations to collect, store, and analyze asset information from individual workstations over the network.

Featured Storage Products:

Celerra MPFS/MPFSi
EMC Corp.
Software platform for use with EMC Celerra gateways provides for NAS based file access from clients with SAN data delivery performance. Soon to be available for iSCSI.

EMC Centera
EMC Corp.
Disk-based, Content Addressed Storage platforms for fixed content storage. Governance and Compliance versions now include enhanced retention capabilities including event-based retention and litigation holds.

Symmetrix DMX
EMC Corp.
High-end network storage arrays are based on the vendor's Direct Matrix Architecture. DMX-3 now qualified for up to 2,400 drives.

ZyIMAGE
ZyLAB Technologies.
XML-based information storage and retrieval platform with multiple modules for both the capture and retrieval of data. New features include redaction capabilities and a Workflow Module.


This article was first published on EnterpriseITPlanet.com.

1



IT Offers





Partners



















The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers

Solutions

Whitepapers and eBooks

Intel Whitepaper: 2010 Intel Core vPro Processors Overview
Article: Adobe Helps PHP Developers Create Rich Internet Applications
Article: Reduce Your Infrastructure Costs with Microsoft System Center
Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent
Article: Security Enhancements Abound in Windows Server 2008
Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs
Microsoft Whitepaper: Improve Communications and Collaboration
 Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor
Microsoft Personalized Whitepapers and Resources for You
Microsoft Articles: Visual Studio 2010
Adobe Article: Java Developers Finding a Home at Adobe Flex
Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence.
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Micro Focus Webcast: Boosting the Impact and Effectiveness of Software Development QA and Testing
Microsoft Webcast: Simplified Access and Single Sign-On
Intel Video: 2010 Intel Core Processor Technologies
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Adobe Download: Tour de Flex Application and Explore Flex
Get Started: Create Applications Without Infrastructure Limits with the Windows Azure Platform
HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us
 Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Free Adobe Online Flex Training: Check Out this Video Training Course Here
Develop Cloud Applications - Get Started Now with the Windows Azure Platform
Learn Unified Communications
Learn SQL Server 2008
Learn Windows Server 2008 R2
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products
 Join the Intel AtomDeveloper Program: Develop and sell netbook applications!
Learn Forefront
Learn System Center
All About Botnets
Learn SharePoint
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES