Comprehensive Enterprise-wide Application Risk Management

Manage risk. Find more “real” vulnerabilities. Protect all your web applications-legacy and new.

Discover how secure your web application portfolio really is, with Hailstorm® Enterprise ARC™ (Application Risk Controller), true risk -management platform for application security. Hailstorm Enterprise ARC automatically analyzes your Company’s application security status across the enterprise – departments, business units and geographies. Hailstorm ARC’s intelligent dashboard tells you how many and where your applications are located, identifies which are at the highest risk, provides overall risk trends empowering you to make decisions about your applications and prioritize resources – enabling you to truly secure your organization’s applications.

Key Benefits

  • Get accurate, cost-effective risk assessment for the life of your applications.

  • Integrate vulnerability data results from multiple sources including manual penetration testing, Watchfire? and SPI Dynamics? application security tools, commercial black box tools, & source code analysis tools.

  • Enables you to test and re-test both production and development applications easily.

  • Resolve internal and external regulatory compliance issues.

  • Understand and track the security status of your application portfolio.

  • Access application security status over the internet from anywhere.

  • Determine trends so you can apply resources more effectively.

  • Gain a thorough understanding of security flaws and what it will take to eliminate them.

  • Discover applications and perform ongoing assessments using Cenzic?s SmartAttack™ library.

  • Save money by establishing a repeatable process for validating application security without relying on outside experts. Schedule assessments while applications are active.

Key Product Features

  • Intelligent dashboard provides key metrics.
    Easy-to-use wizard interface gets you started quickly.

  • Shared database provides integrated reporting and maintains all summary and detail results (MySQL or Oracle).

  • Prioritizes your vulnerabilities with the industry's first and only quantitative score called HARM™.

  • Web server provides status of all application’s security on a real-time, need-to-know basis.

  • Job execution engine automatically discovers applications and performs ongoing assessments using SmartAttack™ library.

  • Measures overall and individual application risk.

  • Provides role-based visibility into applications depending on your information needs as a member of the info security team.

  • Provides messaging for workflow support .

  • Gives administrator control over user roles, tasks and privileges.

  • Complete SmartAttack™ librarywith rapid configuration and application-specific settings.