Watchfire Offers Web Security as a ServiceBy Matt Hines | Posted 2006-04-10 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
The vendor offers a hosted version of its Web-app vulnerability testing technology, AppScan OnDemand.Betting that security applications will follow in the footsteps of CRM tools and similar technologies, Web site testing specialist Watchfire is launching a hosted version of its software.
The company contends that its new offering, AppScan OnDemand, delivers all of the same functionality as its traditional on-site applications, via the software-as-a-service model.
Just as Salesforce.com and others have revolutionized the manner in which customers digest their CRM (customer relationship management) applications, Watchfire maintains that its service offers the same benefits of lowered administrative overhead and easier installation.
David Grant, director of product management for the company, based in Waltham, Mass., said that since the field of Web-applications security is still relatively small and growing, moving the technology to the hosted model will create new opportunities and help the firm differentiate itself from larger rivals such as VeriSign.
A benefit to customers is that the service can handle large numbers of tests at one time, testing that would otherwise often place too much strain on users' time and resources, he said.
"The reason why we decided to go this route is because Web-applications security testing is still so new that many organizations don't have expertise in-house," Grant said. "Companies who have been using our existing software have problems expanding their testing because it simply becomes such a big task to manage, but using the service we can automate much of that and offer as much bandwidth as the customer needs."
For example, when a business launches a new Web site, portal or online application, it often needs far more in the way of testing capabilities during that initial period than it would typically demand, Grant said. By accessing those services online, companies are able to run as many tests in as short a time frame as they might need.
Watchfire's customer list already includes some big names in IT, including Dell and Vodafone. While the company's hosted Web-applications testing offering is new, officials said the firm is already generating roughly 40 percent of its revenues from its privacy and compliance-related applications, which also include software-as-a-service delivery elements.
AppScan On-Demand promises to host and manage applications being tested, and offer technical administration and testing analysis.
In addition to safeguarding against vulnerabilities, AppScan pledges to oversee regulatory compliance issues, provide customers with security update information, and allow businesses to alter and customize their Web applications during testing.
"We know that IT organizations are struggling with the issue of Web-applications testing and often have trouble deciding where to budget the work," Grant said. "By approaching it as a service, it makes the whole process a lot easier to plan out and budget in advance."
Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.