Watchfire Introduces AppScan Reporting Console

November 7, 2006; 04:30 AM
Watchfire, the market-leading provider of web application vulnerability assessment software and services to help ensure the security and compliance of websites, today introduced AppScan® Reporting Console which provides a strategic and affordable means to achieving enterprise class web application security. AppScan Reporting Console is a powerful web-based management and reporting solution that allows users to upload AppScan® desktop results to a centralized, web-based repository then easily distribute vulnerability reporting and summary metrics, improving communication across the enterprise. Watchfire also unveiled AppScan 7.0 today, a powerful upgrade to the Company’s web application vulnerability scanning product.

AppScan Reporting Console leverages the power of AppScan® Enterprise, a mature and proven web-based enterprise solution. Watchfire was first to market with an enterprise vulnerability offering with its AppScan Enterprise platform over two years ago. AppScan Enterprise automates the process of web application vulnerability management across the enterprise by providing web application discovery, sophisticated dashboards, centralized controls, scalability and web-based enterprise wide visibility to identify, manage and remediate the critical issues impacting application security.

Now with AppScan Reporting Console, Watchfire has added a third web application security solution that not only perfectly complements any multi-seat AppScan desktop license, but also improves communication by easily distributing vulnerability reporting and summary metrics to different stakeholders including non-security professionals across the enterprise. Backed by an enterprise-class database, Watchfire’s new AppScan Reporting Console allows companies to consolidate scan results from AppScan clients throughout the enterprise, thereby creating one centralized application vulnerability repository. And, because AppScan Reporting Console is web-based, companies can easily distribute report access to QA and Development teams and even non-security professionals without having to install desktop software—critical for companies looking to efficiently integrate vulnerability analysis across their Software Development Lifecycle.

AppScan Reporting Console and AppScan 7.0 are interoperable. The AppScan Reporting Console can be used to set the scan permissions of all AppScan 7.0 desktops, affording organizations with more centralized control over vulnerability testing. Administrators are also able to effectively control report access and the assignment of tasks. The seamless integration of AppScan Reporting Console with the desktop AppScan solution enhances an organization’s ability to efficiently and effectively manage application security vulnerabilities.

AppScan Reporting Console Highlights include:

• AppScan 7.0 Desktop Integration – Consolidates desktop scan results and creates a central repository of web application vulnerabilities.
• Web-based Report Distribution – Improves communication and distributes vulnerability reports to different stakeholders (developers/QA/Senior Management) in a faster and more cost-effective manner than alternatives which force each user to install and manage desktop software.
• Enterprise Metrics and Visibility – Supports sophisticated dashboards and flexible web-based reporting views for improved enterprise visibility of risks and remediation progress.
• Issue Management – Filters and classifies security vulnerabilities to help efficiently manage the remediation process.
• Greater Access Permissions – Allows companies to centrally set and distribute desktop scan permissions and role-based vulnerability report access permissions for greater control of this sensitive information.

“For many organizations, application security is a complex and time consuming process, one that has proven to be particularly challenging for security professionals who need to demonstrate to senior management that they're not only identifying security problems, they’re also making progress to fix security problems. But security professionals cannot do it all alone,” said Peter McKay, president and CEO, Watchfire. “They need a way to consolidate disparate scan data, easily distribute vulnerability reports to developers, and then track remediation progress. As the industry's first web-based, vulnerability management and reporting solution, AppScan Reporting Console has been designed with ease of use and cost effectiveness in mind and making security professionals more successful.”

AppScan Reporting Console is ideal for companies who require greater visibility into their web application vulnerabilities, risks and remediation progress. The flexible web-based reporting architecture enables companies to create multiple dashboards for multiple users and gives individuals the ability to segment security data in ways that are the most meaningful for their business (i.e., the ability to view vulnerabilities by application, by business unit, by geography, by third party provider, etc.). Further, AppScan Reporting Console ships with built-in Issue Management functionality, allowing companies to better track and facilitate remediation efforts. Issue Management allows users to filter and classify security issues allowing enterprises to focus on resolving their highest priority issues first. AppScan Reporting Console can also integrate with the latest versions of Mercury’s Quality Center and IBM Rational’s products.

Pricing for AppScan Reporting Console starts at $35,000. For more details, please visit: http://www.watchfire.com/resources/appscanconsole-factsheet.pdf

Also Announced Today: AppScan 7.0

AppScan 7.0 features even more advanced application vulnerability scanning and automation of more testing processes, for penetration testers and security professionals. It also helps businesses understand and act upon the web security vulnerabilities found—simplifying the remediation process for developers with little or no security expertise. For more information, visit the following link to see today’s AppScan 7.0 press release:

http://www.watchfire.com/news/releases/11-06-06a.aspx

About Watchfire

Watchfire provides Online Risk Management software and services to help ensure the security and compliance of websites. More than 800 enterprises and government agencies, including AXA Financial, SunTrust, HSBC, Vodafone, Veterans Affairs and Dell rely on Watchfire to audit and report on issues impacting their online business. Watchfire has been the recipient of several industry honors including the HP/IAPP Privacy Innovation Award, InfoSecurity Product Guide’s Hot Security Company 2006, Computerworld’s Innovative Technology Award, and "Recommended" rating by Computer Reseller News. Watchfire was named by IDC as the worldwide market share leader in web application vulnerability assessment software. Watchfire's partners include IBM Global Services, PricewaterhouseCoopers, Sapient, Microsoft, Interwoven, WebTrends, EMC Documentum and Mercury. Watchfire is headquartered in Waltham, MA. For more information, please visit www.watchfire.com.