August 17, 2005

Free Web App Security for Open Source Community

Cenzic writes "Cenzic offers the first free NT version of the world’s most popular open-source vulnerability scanner.
Santa Clara, Calif.—August 15, 2005—Cenzic, Inc. today announced that it has ported Nessus to Windows NT and will make the code for the product available free of charge via the Cenzic website. Nessus aims to provide the Internet community a free, powerful, up-to-date and easy to use remote security scanner and is today used by more than 75,000 organizations worldwide. Cenzic is the first company to port Nessus to the Windows NT operating system and offer it for free to the open-source community. The download is available immediately from the Cenzic web site at http://www.cenzic.com/nessusport.html.

“In developing our flagship product Hailstorm®, we wanted to include some of the application infrastructure tests provided by Nessus to our existing comprehensive suite of objects that test for application vulnerabilities, application logic validation, internal policies enforcement, and compliance enforcement and a port of Nessus to NT made it a seamless integration into our product,” said John Weinschenk, CEO of Cenzic. “After porting Nessus to NT, we knew we had developed something that would be of value to the open-source community, in addition to the obvious features it brought to our product. So, it’s exciting to have the opportunity to contribute the first free version of Nessus for NT.”

Cenzic Hailstorm helps companies protect their web-based applications from potential security threats by emulating the way real hackers work in order to test applications for security vulnerabilities and compliance issues. By assessing applications in a stateful manner, Cenzic provides companies with highly accurate results without the “false positives” often associated with scanning-based solutions, as well as tests for application logic issues and policy compliance for internal policies and regulatory standards.

Nessus is an open-source vulnerability scanner used by more than 75,000 organizations worldwide. It is a remote security scanner and used in the process of assessing applications for potential threats. Nessus is integrated within Hailstorm, and provides basic scanning features to complement the product’s more comprehensive vulnerability assessment functionality. Cenzic’s new NT-ported version of Nessus is available now free of charge at http://www.cenzic.com/nessusport.html.

About Cenzic
Cenzic provides Hailstorm®, the next-generation enterprise software and services for automated application security assessment and compliance that allows Fortune 1000 corporations and government organizations to dramatically improve the security of web applications. Hailstorm enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities, and verify compliance with security policies. Hailstorm benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic ClickToSecure™ service is one of the industry’s first solutions to combine the power of an enterprise-class application security assessment product with the flexibility of a managed security service. Cenzic’s customers are currently in the financial services, e-retail, and government sectors. For more information visit www.cenzic.com.

CONTACT:
Jesse Odell, Jason Throckmorton, or Melissa Biles
LaunchSquad
415-625-8555
cenzic@launchsquad.com"

Click Here!