SPI Dynamics to Highlight the Latest Web Application Security Testing at Mercury World 2006

October 9, 2006; 06:09 AM
S.P.I. Dynamics, Inc. (http://www.spidynamics.com/), the leading provider of web application security testing software and services, announced one of the company's application security experts will highlight the latest trends in web application security testing throughout the development lifecycle at the upcoming Mercury World 2006 in Las Vegas, Nevada, October 8-11, 2006. This is the second year in a row that SPI Dynamics' experts will present the latest web application security trends in quality assurance, and the third year in a row the company has sponsored this important quality assurance market event.

"We are once again delighted to be invited to participate in Mercury World 2006, an important QA industry event that brings together testing professionals to discuss the most important trends and issues facing QA organizations. SPI Dynamics has been focused on delivering security testing solutions for QA professionals that integrate directly into their current working environments without disrupting their normal day-to-day processes, and also provides a learning platform that assists QA professionals in understanding that security defects should be treated like all other defects in the lifecycle," said Brian Cohen, president and CEO, SPI Dynamics. "Security testing should be a significant part of every software development process. SPI Dynamics products are uniquely designed to integrate seamlessly in all key phases of the software lifecycle and educate users without slowing aggressive project schedules."

Ryan English, Group Product Manager for SPI Dynamics' QAInspect(R) products, will present in the conference's "Functional Testing" track on the importance of security testing throughout the development process. The talk is titled, "Accounting for Security Before Production - A Look at Automated and Manual Methods for Effective Security Validation" and is scheduled during the Mercury World conference Tuesday, October 10th from 2:00 p.m. until 3:00 p.m. PT. The talk will focus on:

   - Why security is more than just a production concern and demands a
     lifecycle approach.
   - How to make security a priority while your applications are being
     developed and after they are in production.
   - How to save time, money and resources by treating web application
     security vulnerabilities like software defects and correcting them
     before production.


SPI Dynamics is a Premier Partner in the Mercury Alliance Program and was noted as the Mercury Technology Partner of the Year in 2004. The company's QAInspect product supports 15 versions of Mercury products. The company has achieved Mercury Verified Integration status since 2003 with Mercury Business Process Testing(TM), Mercury QuickTest Professional(TM), Mercury TestDirector(TM), Mercury Quality Center(TM), and Mercury WinRunner(R).

About the Mercury Alliance Program

The Mercury Alliance Program is designed for companies offering best-of- breed services and value-added products that leverage Mercury business technology optimization (BTO) offerings and best practices. Mercury Alliance Partners provide BTO consulting and implementation services and products that complement Mercury's offerings in IT governance, application delivery, and application management to help customers optimize the business outcomes of IT.

About QAInspect http://www.spidynamics.com/products/qainspect/index.html

SPI Dynamics was first to market in 2003 with web application security products designed specifically for the QA professional. SPI Dynamics' QAInspect product line enables QA professionals to incorporate fully automated web application security testing into the overall test management process without the need for specialized security knowledge and without the risk of slowing aggressive product release schedules. With QAInspect, Mercury users can conduct and manage both functional testing and security testing from a single platform. QAInspect applies the most innovative techniques to identify security defects from the hacker's perspective. QAInspect reports on those vulnerabilities with detailed security knowledge in a way that Quality Assurance professionals can understand with a concise prioritized list of vulnerabilities and thorough vulnerability descriptions. Analysis results yield detailed information on the types of attacks possible, such as Cross- Site Scripting (XSS) or SQL Injection. In addition, QAInspect tests for over 20 laws, regulations and best practices like SOX, FISMA, HIPAA and PCI.

The QAInspect Enterprise web application security testing solution is fully integrated with SPI Dynamics' Assessment Management Platform(R) (AMP); a distributed, scalable platform for enterprise-wide application security testing. This industry-first combination provides organizations the ability to standardize organizational security policies that drive quality and security standards throughout the software development lifecycle.

By leveraging SPI Dynamics' extensive built-in application security expertise, QA professionals can remain focused on functional and performance testing while easily adding automated application security testing for all applications they review.

QAInspect Enterprise

QAInspect Enterprise finds and prioritizes security defects in a web application during testing and presents detailed information and remediation advice about each defect, all from within the Mercury Quality Center and Mercury TestDirector environments.

QAInspect Tester

QAInspect Tester leverages existing Mercury QuickTest Professional and Mercury WinRunner functional testing scripts to find and prioritize security defects in specific business processes or pages of web applications during testing, and presents detailed information and remediation advice about each security defect.

For more information on SPI Dynamics or the company's solutions for the QA professional, please contact SPI Dynamics at (866) 774-2700 or [email protected].

  About S.P.I. Dynamics Incorporated
  Start Secure. Stay Secure.(R)
  Security Assurance Throughout the Application Lifecycle


SPI Dynamics delivers a comprehensive suite of products and services (http://www.spidynamics.com/products/index.html) that help to identify and remediate web application and web services security vulnerabilities found at key stages throughout the web Application Lifecycle. SPI Dynamics solutions enable security professionals, QA testers, and developers to work together to assess, analyze, and remediate web applications and web services for security vulnerabilities, and verify compliance with over 20 security policies like SOX, HIPAA and PCI. The Company's unique approach utilizing patent-pending Intelligent Engines(TM) technology combined with the largest web application security vulnerability knowledgebase in the industry delivers unparalleled speed and accuracy. SPI Dynamics' research and development team, SPI Labs, is widely recognized as one of the world's leading authorities on web application security and risk management. The Company has over 800 customers among Global 2000 enterprises, including over 90 U.S. Federal accounts, and has strategic partnerships with Microsoft, IBM, Mercury, CSC and Visa with Visa investing in the Company in 2005. SPI Dynamics is privately held with headquarters in Atlanta, Georgia. For more information on web application security, visit http://www.spidynamics.com/ or call (866) 774-2700.

QAInspect, Assessment Management Platform and Start Secure. Stay Secure. are registered trademarks, and Intelligent Engines is a trademark of S.P.I. Dynamics, Inc. Mercury, Mercury Business Process Testing, Mercury QuickTest Professional, Mercury TestDirector, Mercury Quality Center and Mercury WinRunner(R) are trademarks of Mercury Interactive Corporation and may be registered in certain jurisdictions. Product or service names mentioned herein are the trademarks of their respective owners.