Press Releases

nCircle Unveils WebApp360™ — the Industry’s First Enterprise-Class Web Application Scanning Solution Suitable for Production Environments

WebApp360™ extends the nCircle IP360 security risk management system to offer a comprehensive view of IT security risk.

Press Contact

SAN FRANCISCO, CA — February 06, 2008 — nCircle, the leading provider of agentless security risk and compliance management solutions, today announced WebApp360, a new product designed to detect vulnerabilities in web applications. WebApp360 extends nCircle’s market-leading security risk management platform, IP360, to include assessment of enterprise web applications, offering the industry’s most comprehensive view of IT security risk. Together, WebApp360 and IP360 offer customers an unprecedented, prioritized assessment of IT security risk, from web applications to the underlying IT infrastructure supporting them. Designed to scale to even the world’s largest production enterprise networks, WebApp360 helps enterprises identify and reduce their security risk and ensure compliance at the lowest possible cost.

The number of web applications in enterprises is rapidly growing as more and more business is conducted online, increasing the risk to organizations and the need for security assessments of these applications. However, enterprises searching for a security solution often find that vulnerability management solutions don’t assess web applications, and web application security solutions don’t assess the IT infrastructure they run on. As a result, security professionals are faced with disconnected and incomplete views of enterprise risk. WebApp360 fills the gap, offering continuous assessment of web applications and their underlying systems. With WebApp360, enterprises can automatically and continuously detect critical web application security risks such as SQL Injection and Cross Site Scripting vulnerabilities within the context of total IT enterprise risk to ensure resources are focused on the most important risks first.

“As enterprises increasingly deploy Internet-facing Web systems for internal and external communication, the potential vulnerabilities in these systems create new security concerns,” said Peter Christy, Principal, Internet Research Group. “With the release of WebApp360, nCircle enhances the value of their enterprise-wide risk assessment to include on-going production scanning of these critical web-based applications, complementing the penetration testing that may have been done during development and enabling their ongoing security.”

WebApp360 is available as an integrated add-on module to nCircle’s security risk management platform, IP360, and benefits from IP360’s market-leading scalability, manageability, appliance-based architecture and vulnerability coverage. WebApp360 utilizes IP360’s extensive reporting capabilities, providing a comprehensive view of not only vulnerabilities found in web applications, but also those in the supporting web servers, operating systems, services, protocols, network infrastructure and adjacent software systems. Without such comprehensive analysis of IT risk, enterprises only see individual silos of risk, often leaving serious problems undiscovered.

“nCircle’s new WebApp360 closes a major gap in risk management that hasn’t been well addressed by the security industry, and one that our customers have shown considerable interest in – assessing the security of web applications within the full context of production IT environments,” said Tim Keanini, nCircle’s Chief Technology Officer. “WebApp360 enables continuous and accurate assessment of production web applications, helping enterprises reduce risk and improve compliance.”

WebApp360 provides the following benefits:

  • Installs instantly on existing nCircle IP360 deployments, fully leveraging nCircle’s appliance-based architecture to eliminate the high cost of deployment and on-going maintenance associated with traditional software solutions.
  • Built on IP360’s proven, scalable architecture, WebApp360 supports even the largest and most complex global networks
  • Fully integrated with nCircle Focus™ and Security Intelligence Hub™ to provide customers with unprecedented visibility into their overall IT security risks
  • Licensed to support unlimited users, eliminating a common frustration among enterprise customers of standalone web application scanners
  • nCircle’s modular product line enables customers to start with nCircle IP360 for vulnerability management and add WebApp360 for web application security assessment and/or nCircle Configuration Compliance Manager for configuration compliance, for the most comprehensive security risk and compliance management solution on the market today.

 “At a time when most vulnerability management vendors have faded into irrelevance or obscurity, nCircle has demonstrated vision, innovation and continued investment in a complete security risk management product line that is unmatched in the industry,” said Abe Kleinfeld, CEO of nCircle. “The unique combination of vulnerability management, configuration compliance, web application scanning, topology risk analysis, file integrity monitoring and security analytics — backed by nCircle’s world class research team — makes for a powerful integrated solution that helps customers show meaningful results in improving security and achieving compliance.”

About nCircle Suite360
nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery of networked systems and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle's solutions include IP360™ for vulnerability management, WebApp360™ for web application vulnerability auditing, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning, and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle
nCircle is the leading provider of automated IT security and compliance auditing solutions. More than 4,500 enterprises, government agencies and service providers around the world rely on nCircle's proactive solutions to manage and reduce security risk and achieve compliance on their networks. nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership.  nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. Additional information about nCircle is available at www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.