CUSTOMER SUMMARY
Ministry of Communications and Information Technology

CUSTOMER NEEDS
Traditional application security scanners perform well when discovering vulnerabilities in some of the more mature web technologies, such as Hypertext Markup Language (HTML) and Common Gateway Interface (CGI), but they lack the intelligence required to scan emerging Web 2.0 technologies, such as Ajax, Simple Object Access Protocol (SOAP), service-oriented architecture (SOA), Rich Site Summary (RSS) and Atom, as well as more dynamic technologies, such as JavaScript and Flash. Legacy web application scanners are simply not designed to navigate and interpret today's web applications with active content, mandatory two-factor authentication and other advancements. Simply put, traditional scanners cannot see the entire application. As a result, traditional scanners fail to discover exploitable security vulnerabilities that exist in the more dynamic and complex regions of modern web applications. This results in an unacceptable level of false negatives. Customer needed a solution to block all these threats

OUR RESPONSE
We provided Hp-Webinspect. HP WebInspect software is industry-leading web application security assessment software. HP WebInspect addresses the complexity of Web 2.0 and identifies Vulnerabilities that are undetectable by traditional scanners. HP WebInspect tackles today's most complex web application technologies with break-through testing innovations, including simultaneous crawl and audit (SCA) and concurrent application scanning, resulting in fast and accurate, automated web application security testing.

CUSTOMER FEEDBACK
The customer used the solution to configure HP WebInspect to adapt to any web application environment and use the custom check wizard to create custom attacks, which was very useful and the customer was very satisfied by these features.