Web-based apps check code before and after release

Watchfire tool detects security flaws during development, while Panda goes on the hunt for malware

App security vendor Watchfire and anti-malware vendor Panda Software both launched web-based apps this week.

Watchfire's new release, Appscan Enterprise 5, checks source code under development for security problems. The latest version includes a new “point and shoot” testing tool called Quickscan and integrated Computer Based Training, which Watchfire said will "accelerate the adoption of security testing by QA and development teams".

After the security scan, Quickscan presents programmers with a developer task list showing what code needs to be re-written to secure the application.

"The industry is in wide agreement now that security testing must be built into the software development lifecycle, but too often companies mistakenly throw complex security solutions at [program] developers as the answer," said Watchfire chief technology officer, Michael Wieder. "It's simply not feasible to expect developers, who are already overtaxed with go-to-market pressures, to take on the role of security experts too."

Panda's Malware Radar product, meanwhile, is an automated malware audit system. It downloads a 19MB application that scans the system and then stores reports on Panda's back-end systems. Users can then access all their scan results online.

IT Week Labs signed up for Malware Radar, and was impressed by how easy it was to scan systems and access trial results. We could generate downloadable technical and summary reports in PDF format.
A licence to monitor 100 systems for 12 months costs E2,150.