Securing Enterprise Applications - Cenzic Contact Us
Call 1-866-4-CENZIC (423-6942)
or email request@cenzic.com

home > products services > download hailstorm
products_services

Get Better Security

Clients and Partners
IBM
spacer

Until recently, the only way to obtain an accurate security assessment was through manual penetration testing — an expensive proposition. Now, with Cenzic Hailstorm®, companies can obtain security that is both accurate and cost effective.

Hailstorm Starter: Try for 45 Days
Hailstorm Core: Try for 7 Days
Hailstorm Core: Buy Today
Hailstorm Enterprise: Request Evaluation
About Hailstorm Core

By integrating assessment technology with a unique SmartAttack™-based approach, Cenzic Hailstorm Core provides high quality of results for assessing applications by:
  • Testing commercial and custom web applications against best practice security policies
  • Testing and monitoring applications for commonly known vulnerabilities
  • Building security into web applications as they are being developed, greatly reducing the cost, risk, testing, and time to market.
Hailstorm Core is a simplified product based on the technology of Hailstorm enterprise. Key features include:
  • Support for instant and interactive assessments
  • Ability to assess sites up to 150 pages
  • Support for common SmartAttack™ such as SQL Disclosure, SQL Error, Cross-site scripting, web server version, and Buffer overflow
  • Consolidated assessment report output
About Hailstorm Starter

Hailstorm Starter is a simplified product based on the technology of Hailstorm Enterprise. Key features include:
  • Support for instant and interactive assessments
  • Ability to assess sites up to 50 pages
  • Support for a common SmartAttack™: Cross-site scripting
About Hailstorm Professional

Cenzic Hailstorm Professional Edition provides rich features with unmatched extensibility capabilities to capture key vulnerability data. Users can configure custom SmartAttack™ objects to add to the existing pre-crafted library to address new and unique vulnerabilities. Decision support information is at management's fingertips through our reporting and dashboard features.

Feature Starter Edition Core Edition Professional Edition
Extensive SmartAttack Library1 SmartAttack5 SmartAttacksFull Library (50+)
SmartAttack Updatespartialpartialcomplete
New SmartAttack Additionsnonoyes
Web Application Assessment50 pages150 pagesUnlimited
Website Traversal Configurationnonoyes
Assessment Results Reportingno1 report10+ reports
Pre-Built Assessments11extensive
Custom Assessmentsnonoyes
Intelligent Web Form Training Supportnonoyes
User Administrationnonoyes
Advanced Assessments and Reportingnonoyes

Professional Edition includes the entire SmartAttack™ Library, including updates each month to provide you up-to-date protection on all your web applications. SmartAttacks™ are based on an extensive research performed by the Cenzic Intelligent Analysis (CIA) Research Lab, feedback from various security associations, and input from Global 2000 corporations and government agencies.

The library includes tried and true security practices around resistance to attack. Many of the SmartAttacks™ address security issues for regulatory compliance with Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley, SB 1386, HIPAA, and others. Cenzic provides continuous updates based on new vulnerabilities found in our CIA labs, similar to the anti-virus model to help you stay ahead of the exploits and attacks.

Product Overview

Capabilities:
  • Enterprise deployment
  • Management dashboard and extensive reporting

Differentiators:
  • Accuracy:
    • Application assessment
    • Application specific settings
    • Step mode and user injections
  • Comprehensiveness:
    • Interactive results
    • Enhanced Smart Attacks
  • Extensibility:
    • Rapid configuration of Smart Attack parameters, application specific settings
  • Automation:
    • Assessment scheduling
    • Assessment sharing
  • Performance:
    • Parallel execution of SmartAttacks™

Enterprise Deployment

  • Centralized database for assessment results, reports, application settings and job definitions
  • User roles
  • Centralized application setting through use of projects
  • Job sharing, control over tasks and privileges
  • Global dashboard for tracking testing effectiveness

Cenzic Services

ClickToSecure™
  • Assessment and Pen-Testing
  • Combination of People, Tools and Processes
  • Builds policy library for you for repeatable processes
Assessment Methodology
  • Process improvement and best practices
Training
  • Extensive training to your staff on pen testing and tools
Professional Services
  • Implementation and custom policy creation

Application security

COMPANY   |   PRODUCTS & SERVICES   |   SUPPORT   |   NEWS   |   CUSTOMERS   |   PARTNERS   |   CIA RESEARCH   |   CONTACT   |   LEGAL   |   PRIVACY   |   SITE MAP   |   HOME

© Copyright 2008 Cenzic