Cenzic Offers Full Suite to Meet Web Application Security Needs for Any Size Company

Company unveils Hailstorm Starter and Hailstorm Core to protect small enterprises from vicious hackers

SANTA CLARA, Calif., Dec. 13, 2006 -- Cenzic Inc. today introduced two new products to protect small enterprises from hackers. Hailstorm® Starter and Hailstorm Core are based on Cenzic's Hailstorm technology and deliver security assessment solutions for smaller enterprises. This announcement, coupled with the recent introduction of Hailstorm Enterprise ARC (Application Risk Controller)™ for large enterprises, rounds out Cenzic's application security assessment solution.

Cenzic Hailstorm software solutions and Cenzic ClickToSecure Managed Service (SaaS) offerings use a Stateful Assessment™ approach that emulates a hacker, providing accurate results along with flexibility to configure the product. Unlike signature-based scanning approaches used by other offerings in the market, Cenzic's approach provides organizations of all sizes with the most comprehensive application and security assessment solution available. Cenzic's complete family of products includes:

  • Hailstorm Starter: Hailstorm Starter is a simplified product based on the technology of Hailstorm Enterprise. It supports instant and interactive assessments for small Web sites, including a SmartAttack™ to reveal cross-site scripting vulnerabilities. %%Hailstorm Core: Hailstorm Core provides high-quality results for assessing applications by testing commercial and custom Web applications against best-practice security policies, testing, and monitoring applications for commonly known vulnerabilities such as SQL Disclosure, SQL Error, cross-site scripting, Web server version, and buffer overflow. It also allows users to build security into Web applications as they are being developed, reducing the cost, risk, testing, and time-to-market. %%Hailstorm Professional: Cenzic's flagship product, Hailstorm Professional enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities. Hailstorm benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Interested companies can download Hailstorm at http://www.cenzic.com/products_services/download_hailstorm.php. %%Hailstorm Enterprise ARC (Application Risk Controller): Hailstorm Enterprise ARC provides automated security assessment of custom and commercial Web applications and works throughout the software development lifecycle (SDLC) -- whether in development, QA, or operations -- to help find and remediate security vulnerabilities, guide enforcement of internal security policies, and support regulatory compliance. With its dashboard views of applications, departments, and business units, security and compliance executives are armed with real-time status of the enterprise and the ability to launch and test any application. The product also provides a quantitative score called HARM (Hailstorm Application Risk Metric). %%ClickToSecure Managed Service: ClickToSecure combines the power of an enterprise-class application security assessment product with the flexibility of a managed security service. %%Cenzic Assessment Methodology: Assessment Methodology completes the solution with a business process consulting service to help customers improve their existing application security methodologies and raise application security awareness in the company. Each of these solutions includes assessing, analyzing, and resolving security vulnerabilities throughout the software development lifecycle (SDLC) and helping in compliance with regulatory standards; Cenzic's pre-crafted SmartAttack library, which enables enterprises to run tests out of the box to find vulnerabilities in all Web applications as well as enforce internal policies; and the company's integration to leading QA tools, source code scanning, application firewall, and other security solutions, giving enterprises the ability to address security issues as an integrated process. In addition, through its lab, CIA (Cenzic Intelligent Analysis) Research, Cenzic provides companies with ongoing and frequent updates to its SmartAttack library for the latest vulnerabilities and threats.

About Cenzic

With its flagship Hailstorm product line that includes Hailstorm Starter, Hailstorm Core, Hailstorm Professional, Hailstorm Enterprise ARC (Application Risk Controller), and the ClicktoSecure managed service, Cenzic is offers a complete application security assessment suite for enterprises of all sizes. Cenzic's current focus includes financial services, e-retail, health-care, and government sectors. For more information, visit http://www.cenzic.com