Today, applications are the lifeblood of your business. And application security breaches put your business outcomes at serious risk.
HP Application Security offerings allow developers, quality assurance (QA) teams and security professionals to quickly and cost-effectively perform a security risk assessment, identify security vulnerabilities and remove security defects throughout the application lifecycle. Our solutions provide common security policy definitions, automated security tests, centralized permissions control and web access to security information.
With HP Application Security solutions, your organization can:
- Lower risks by detecting security defects early in the application software development lifecycle
- Reduce time and budget for a security risk assessment through consolidated, automated testing
- Facilitate a coordinated application security testing program across different departments in different locations
- Provide visibility into enterprise-wide application security status through pre-configured reports
- Help management measure the effectiveness of your security risk assessment program
- Meet legal and regulatory compliance requirements
Support complicated sites, including those using JavaScript, flash, web services, SOAP or Ajax
|
Getting
Started
|
Security Assessment for
Emerging Technologies
|
The Latest in
Hacking Techniques
|
 |
|
|
Top AJAX Security Dangers
Are you ready for AJAX? Hackers definitely are! With the growth of Web 2.0 and Rich Internet Applications (RIA), developers are rapidly adopting AJAX and unknowingly exposing serious security risks. While AJAX can greatly improve usability, it can also generate new attack opportunities. Download this white paper from HP and learn how to protect your sensitive data.
Download Now
|
|
How a Hacker Launches an LDAP Injection Attack
Are you vulnerable to a LDAP Injection attack? LDAP injection is the technique of exploiting web applications that use client-supplied data in LDAP statements without first stripping potentially harmful characters from the request. The objective of this paper is to inform developers, system administrators and security professionals about various techniques that could be used to attack their applications.
Download Now
|
|
Web Application Security and PCI DSS Compliance
After June 2008, the PCI DSS will begin enforcing requirement 6.6, “Ensure that all web facing applications are protected against known attacks.” Download this free paper, from HP Software and gain a comprehensive overview of PCI DSS as it relates to web application security and gives you the information you need to avoid fines and loss of credit card privileges.
Download Now |
|
Top Security Vulnerabilities in Web 2.0 Applications
Web 2.0 applications can be more vulnerable to exploitation by hackers than their predecessors. When Web 2.0 applications push functionality and code to users, they provide hackers with information that can be used for formulating attacks. This white paper defines some of the common technological components of Web 2.0 applications and discusses ways of securing them against exploitation.
Download Now
|
|
XPath Injection: Are Your Applications Vulnerable?
With the spread of AJAX applications and their inherent use of XML one form of injection attack, XPath injection, is becoming more popular. XPath injection is as dangerous as SQL injection and, in many cases, easier to exploit. This white paper will help you identify XPath injection vulnerabilities and discusses methods for preventing these vulnerabilities.
Download Now
|
|
|
|
|
|
How a Hacker Launches a Blind SQL Injection Attack
Read this white paper and you will learn the techniques that can be used to take advantage of a Web application that is vulnerable to Blind SQL Injection, and to make clear the correct mechanisms that should be put in place to protect against Blind SQL Injection and similar input validation problems.
Download Now |
| |
|
|
|
|
|
|
|
