Risk
2/25/2014
09:04 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Cenzic Announces New Application Security Service For The Connected Enterprise

Cenzic PASS allows enterprises to define the criteria for acceptably safe partner applications

Campbell, CA – February 24, 2014– Cenzic, a leading provider of application security intelligence to reduce security risk, today announced the release of its Partner Application Security Certification Program, the first solution designed to manage and reduce online risk for enterprises connecting with third party applications. Offered via a combination of consulting and cloud-based vulnerability scanning as a service, theCenzic Partner-Application Security Scanning (Cenzic PASSTM)service helpsenterprises invite partners to test and certify any integrated application in a reliable, efficient and practical way to reduce online risk.

Powered by the Cenzic Hailstorm&trade engine with leading accuracy and comprehensive detection, Cenzic PASSTMoffers the best web application vulnerability detection service and remediationguidance for connecting partner applications.The service allows enterprises to define the criteria for acceptably safe partner applications to connect to the enterprise and meet compliance requirements, and directs partners and vendors to a Cenzic-hosted application scanning portal for workflow-driven self-service certification. By creating a custom scanning portal, Cenzic guides partners through the process of certifying the applications they integrate with on your website to ensure they meet pre-defined security standards.

"Virtually every enterprise is part of a vast supply chain that involves many participants. Yet, most of these organizations build their cyber security defenses as if they are islands," said Bala Venkat, Chief Marketing Officer (CMO) of Cenzic."Today, enterprises must go beyond their own internal firewalls and look more closely at the shared infrastructure. Cenzic PASSTMoffers enterprises a new,customizable approach to manage online risk and certify the security standards of their partner applications,benefiting both the enterprise and the partner in the face of malicious attacks."

Cenzic PASSTM offers a full suite of services including:

• Accurate cloud-based scanning servicesto test the vulnerabilities in integrated partner applications.

• Consulting Services to help definethe application security certification standards needed by partners.

• Customization of portal, policy, database, and all automated emails that usher application owners through certification.

• An Administration Dashboardthat displays the scanningstatus and allows you to efficiently manage outcomes.

• Detailed Vulnerability Reports sent to partners, who can then opt to work directly with Cenzic for any remediation.

Cenzic's partner and vendor application security service provides a cost-effective and efficient certification process ensuring that all third-party applications integrated with an enterprise have minimal vulnerabilities. As a result, business partners are able to maintain effective defenses, while interdependent systems and applications across the entire supply chain are completely secure.

Cenzic PASS is immediately available. For more information, please visit: https://www.cenzic.com/solutions/supply-chain-web-application-security/index.html

About Cenzic

Cenzic provides the leading application security intelligence platform to continuously assess Cloud, Mobile and Web applications to reduce online security risk. Cenzic's solutions scale from single applications to enterprise-level deployments with hybrid approaches that enable testing of applications at optimal levels. Cenzic helps brands of all sizes protect their reputation and manage security risk in the face of malicious attacks. Cenzic's solutions are used in all parts of the software development lifecycle, and most importantly in production, to protect against new threats even after the application has been deployed. Cenzic's application security intelligence platform is architected to handle web, cloud and mobile applications and is the first to provide risk reduction recommendations for business, application developers and specific applications. Today, Cenzic secures more than half a million online applications and trillions of dollars of commerce for Fortune 1000 companies, all major security companies, government agencies, universities and SMBs. More information about Cenzic can be found atwww.cenzic.com

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: LOL.
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6212
Published: 2014-04-19
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors.

CVE-2013-6213
Published: 2014-04-19
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 Patch 1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1833.

CVE-2013-6214
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042.

CVE-2013-6215
Published: 2014-04-19
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 10.01 and 10.10 allows remote authenticated users to execute arbitrary code via unknown vectors, aka ZDI-CAN-1977.

CVE-2013-6218
Published: 2014-04-19
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x, 9.1x, and 9.2x allows remote attackers to execute arbitrary code via unknown vectors.

Best of the Web