Cenzic Hailstorm^® Enterprise ARC™

Manage your risk, Protect your web applications — Protect your enterprise

Discover how secure your web application portfolio really is, with Hailstorm^® Enterprise ARC™ (Application Risk Controller), the only true risk-management platform for application security. Analyze application security status across departments, business units and geographies. Identify risk trends, prioritize resources and make better decisions to bulletproof your organization’s applications.

Product Features

• Intelligent dashboard provides key metrics
• Shared database provides integrated reporting and maintains all summary and detail results (MySQL or Oracle)
• Prioritize your vulnerabilities with the industry's first and only quantitative score called HARM™
• Web server provides dashboard status of application security on a real-time, need-to-know basis
• Job execution engine automatically discovers applications and performs ongoing assessments using SmartAttack™ library
• Measurement of overall and individual application risk
• Role-based visibility
• Messaging for workflow support
• Administrator control over user roles, tasks and privileges
• Complete SmartAttacks™ library and SmartAttack™ Modeler with rapid configuration and application-specific settings

Key Benefits

Get accurate, cost-effective risk assessment for the life of your applications:

• Understand and track the security status of your application portfolio
• Track assessment progress across business units
• Determine trends so you can apply resources more effectively
• Gain a thorough understanding of security flaws and what it will take to eliminate them
• Resolve internal and external compliance issues
• Reduce or eliminate downtime, data theft and financial loss by avoiding application vulnerabilities
• Save money by establishing a repeatable process for validating application security without relying on outside experts
• Get started fast with easy-to-use wizard interface
• Schedule assessments while applications are active

Cenzic Hailstorm^® Professional

Accurate, cost-effective application security testing

Capture key vulnerability data — at any stage of the application lifecycle — with Hailstorm^® Professional. Customize and configure tests based on your requirements, or use pre-sets for quick assessments.

With the only non-signature based solution in the industry, an easy to use wizard interface, a comprehensive SmartAttack library that provides you thousands of tests, and robust and flexible reporting with remediation information, you’ll be able to secure your applications – quickly, efficiently, and accurately.

Product Features:

• Assessment wizard that allows you to quickly run your assessment jobs
• Complete SmartAttacks™ library and SmartAttack™ Modeler, with rapid configuration and application-specific settings
• Comprehensive reports with detailed remediation information and export capabilities
• Administrator control over user roles, tasks and privileges
• Control and customize the assessment process with step mode
• Delegate tasks with job-sharing function

Key Benefits:

Identify high-risk applications and respond quickly:

• Detect more vulnerabilities and reduce false positives
• Prioritize your vulnerabilities with the industry's first and only quantitative score called HARM™
• Allocate resources more effectively
• Resolve internal and external compliance issues
• Reduce costs with automated penetration testing for both commercial and custom applications
• Get started fast with easy-to-use wizard-based interface
• Schedule assessments while applications are running, with no down-time

Hailstorm® Core & Hailstorm Starter

Application Testing with Some Basic Core Attacks to get Started with Application Security.

Understand major security flaws. Increase productivity.

For getting started by assessing a particular application, Cenzic Hailtorm Starter or Core can go beyond standard, first-generation, signature based detection to find critical security risks like cross-site scripting flaws. With these simplified application security products based on the technological strength of the all of Cenzic Hailstorm® solution, you can test commercial and custom web applications against best practice security policies or for the most commonly known vulnerabilities. In doing so you can your reduce your vulnerability risk and improve your overall web application security. Though Hailstorm Core and Starter only have 1 to 5 key attacks, they are great solutions to get your application security started. 

Key Benefits

• Identify major security flaws present in target applications
• Help with internal compliance policies
• Avoid application vulnerabilities that lead to downtime, data theft and financial loss
• Assess applications for commonly known vulnerabilities, using Cenzic’s SmartAttack Library [ hyperlink to Smart Attack pages]

Core & Starter Features:

Hailstorm Core	Hailstorm Starter
Ability to assess sites up to 150 pages	Ability to assess sites up to 50 pages
Probe for five common vulnerabilities: SQL Disclosure, SQL Error, Cross-Site Scripting, Web server version and Buffer Overflow	Probe for 1 common vulnerability: Cross-Site Scripting using SmartAttack Library [ hyperlink to library pages]
7 day Free Trail	45 Day Free license
Consolidated Assessment report output	Easy to upgrade to Hailstorm  Professional or ARC
Easy to upgrade to Hailstorm  Professional or ARC
Download Core with 5 key Attacks	Download Starter with 1 key Attack
7 day Free Trial	45 Day Free License

Hailstorm^® Starter

Our most basic package, rooted in the technological strength of the Hailstorm^® platform. Key features include:

• Support for instant and interactive assessments
• Ability to assess sites up to 50 pages
• Use SmartAttacks™ library to probe for cross-site scripting, a common vulnerability
• 42-day free license, renewable
• Downloadable
• Upgrade to Hailstorm^® Professional or Hailstorm^® Enterprise ARC™