iViZ Teams up with Qualys to Improve App Security

February 13 brought about the partnership of two forerunners of cloud technology: iViZ and Qualys. Qualys, Inc. provides cloud security and compliance management solutions, while iViZ supplies cloud-based penetration testing services.

Together, they will test security of Web applications and sites for companies, Qualys said in a recent statement.

QualysGuard Web Application Scanning and iViZ Penetration Testing Technology, together with manual testing, will give organizations cost-effective and scalable ways to protect their Web services and applications against attacks.

iViZ will offer a zero false positive guarantee and will cover all the Web Application Consortium classes.

The service addresses the large shortage of trained Web security professionals. Without enough people to fill the positions, Qualys and iViZ offer an automated solution to finding security issues for a site without having to hire additional staff.

Web applications can store business and customer data and be left vulnerable to hacking or attacks. Without a way to test for security flaws, personal and business data can be stolen, corrupted or lost.

“As Web applications have become a focus for attackers, web application security has become a priority for enterprises,” said Charles Kolodgy, research vice president for IDC’s security products. “But scanning and remediating Web application vulnerabilities is challenging because of their complexity and the sheer number of custom Web applications. Automated Web application scanning combined with manual testing can help organizations identify and validate exploitable vulnerabilities.”

iViZ will utilize QualysGuard Web Application Scanning for automated scans, and then use its own Penetration Testing technologies to check and remediate any issues that are found. Manual testing adds an extra layer to ensure there are no false positives and that everything is covered.

Every issue that is found will be delivered in a report through iViZ’s secure Web portal, keeping the data out of unwanted hands.