Software developers and testers who use Borland's Gauntlet will
now have an application security testing tool available to
them.
Beginning this week, Cenzic's Hailstorm will be available as a
plugin to Gauntlet, an automated system for building and testing
code. Interested users may visit
Borland's Web site to download a 30-day free trial of Gauntlet
and a 60-day free trial of Hailstorm.
Gauntlet is a continuous integration system that improves
visibility, software quality and developer productivity by
proactively building and testing code, isolating defects, and
reporting on key development metrics.
When developers check in code to Gauntlet, Hailstorm can
automatically test it for security vulnerabilities and report
security issues through the Gauntlet dashboard. Hailstorm provides
automated security assessment of custom and commercial Web
applications and works throughout the software development life
cycle (SDLC) -- whether in development, QA or operations -- to help
find and remediate security vulnerabilities, guide enforcement of
internal security policies and support regulatory compliance.
Mandeep Khera, vice president of marketing at Cenzic, said that by
integrating Hailstorm with Gauntlet, the company hopes to increase
awareness of application security issues and of the importance of
including security throughout the SDLC.
"This allows them to proactively look for vulnerabilities in new
code that they're developing," he said. "If you're already testing
applications, why not also test for security?"
If companies want to look for vulnerabilities in applications
already in production, they can turn to
Cenzic Hailstorm Enterprise ARC. With its intelligent
dashboard, Cenzic Enterprise ARC gives companies the ability to
automatically discover and inventory applications and provides a
comprehensive view of application security status with a complete
workflow from a central console.