Watchfire Releases AppScan 7.6, Introduces Application Security Service

OnDemand software service leverages AppScan 7.6, security experts to target Web vulnerabilities

p>Watchfire released an updated AppScan (version 7.6) and introduced AppScan OnDemand, a service that assesses Web application vulnerabilities.

The new OnDemand service is designed for use by enterprises with little application security expertise as well as those needing to assess a business partner’s security standards. The service uses AppScan and Watchfire’s security experts to scan, analyze and recommend fixes and best practices, a boon for companies with little or no in-house security expertise that need an vulnerability assessment.

This assessment comes in three levels:

  • The basic vulnerability assessment is an entry-level offering. Watchfire experts run AppScan and provide analysis and recommendations.

  • The comprehensive vulnerability assessment uses Watchfire experts to conduct a comprehensive security scan (also using AppScan) and manual testing and exploitation of findings. Watchfire says this level is designed for medium to large applications with heavy user access levels. %%The advanced application security test accommodates the largest and most complex applications and provides a comprehensive security test and manual techniques to give a full, detailed assessment.

For customers who would rather install the software than run it as a service, the company has released AppScan 7.6, which automates application security testing. Enhancements in this version include new PHP fix recommendations that address a SQL Injection Exploit eXtension to reduce false positives by detecting the presence of this vulnerability.

Additional AppScan 7.6 features include a Developer essentials test policy to help developers’ efforts in Web application security, new, comprehensive compliance reporting, and AppScan Reporter for Microsoft PowerPoint so users can export scan results to a slide show.

AppScan 7.6 is available immediately as an individual offering; prices begin at $14,400. For more information and to download AppScan 7.6, visit

AppScan OnDemand is available immediately; service begins at $5,000.

Note: In early June, IBM entered into an agreement to acquire Watchfire Corporation; the transaction is expected to be completed in the third quarter of 2007, according to Watchfire.