Teranet Inc., the leading provider of integrated land-based products and services in Ontario, Canada, has selected Cenzic Hailstorm Enterprise ARC to maximize web application security through application security testing, application penetration testing and application vulnerability management.
Teranet's primary focus is managing Ontario's land registry system, which includes data associated with more than five million parcels of land and creates electronic applications to provide online access to the data. Tens of thousands of lawyers, real estate agents and other professionals throughout Ontario use Teranet's proprietary applications to access the government's land registry data for e-service applications such as fraud checking, property registration and valuation. Additionally, Teranet's e-service business provides applications that integrate with banks, allowing the general public to complete tasks online, such as paying parking or speeding tickets and connecting to a number of municipalities throughout Ontario.
Prior to Cenzic, Teranet manually tested their applications, making accuracy and effectiveness a challenge. The company became increasingly aware of the web application security and payment card industry (PCI) compliance focus in their market. While operating alongside rising amounts of payment providers pursuing PCI certification, Teranet sought out alternatives to manual testing that would match what would soon be an industry standard. The company needed to implement an automation solution to test their applications while discovering and remediating vulnerabilities to protect Teranet from the latest threats and hacks.
"During the testing process, we looked at the product offerings from Cenzic and other companies and we chose Cenzic because of its outstanding enterprise risk management capabilities, ease-of-use through its dynamic and intelligent dashboard and reports, the flexibility of the solution, the excellent support team and because the product produced significantly less false positives compared to the competition while finding more vulnerabilities," said Andrew Wing, systems architect at Teranet. "Since deployment, we've had great successes in securing our applications, as well as in educating employees about specific vulnerabilities. As a result, Hailstorm is not only ensuring the safety of sensitive information for our organization, but the general public of Ontario."
Hailstorm allows the most comprehensive, accurate and extensible solution for legacy and Web 2.0 applications, with customized security tests along with robust and flexible reporting and remediation information for the most accurate, most dependable form of application security. Since implementing Hailstorm, Teranet has made a seamless transition to PCI compliance, and plans to integrate with HP's Mercury and Fortify products, to ensure that they are optimizing their software development process, and maximizing security at every stage of the SDLC. As a result, Teranet remains confident in its continuing ability to maintain an exemplary level of security of its systems and data.
