New SaaS-Based Vulnerability-Scanning Solution Is Latest Addition to Company’s Application Security Program.
As hacker attacks become more sophisticated, businesses of all sizes are struggling to protect their Web-based applications.
With Verizon Business' new Application Vulnerability Scanning (AVS) solutions, however, businesses can better understand, identify and mitigate potential Web-based, application-security threats.
Available in November in the U.S., Canada and 13 countries in Europe and Asia-Pacific regions, AVS is offered on an annual subscription basis via the software as a service (SaaS) model. This enables customers to purchase individual applications of the service. Three different solutions - baseline, standard and premium - offer service levels based on the size, complexity and profile of the customer's Web site. A complementary service will also allow customers to remediate risks using Web application firewalls that Verizon Business can monitor and manage.
AVS is a key component in Verizon's Application Security Program, which provides a programmatic approach to enterprise application security. The new AVS solutions offer companies a systematic way of safeguarding applications through a comprehensive three-pronged approach focusing on visibility (the ability to clearly see applications that may be at risk), flexibility (the ability to accurately prioritize assessments within tight budgets), and control (ensuring that managed Web application security processes are using mature, repeatable and consistent methods).
"Protection of Web-based applications tops our customers' security wish list, and rightly so as more companies Web-enable their corporate applications," Dr. Peter Tippett, vice president of innovation and technology at Verizon Business. "With our AVS service, Verizon Business will provide an enterprise-class solution that can easily and reliably be deployed without the need for expensive custom testing programs."
New Services Target Vulnerabilities Where it Counts
According to industry experts, nine out of 10 Web sites have at least one serious vulnerability that leaves them susceptible to being hacked. The Verizon Business "2009 Data Breach Investigations Report" found that of the 285 million compromised records from the 90 confirmed breaches studied, 79 percent were compromised via Web applications. The report also demonstrated that online data accounted for 99.9 percent of breached records.
Verizon Business' new AVS services deliver accurate, customizable Web site vulnerability information through an online dashboard that identifies and verifies customer threats and severity ratings using an advanced assessment methodology that virtually eliminates false positives. AVS can also help customers meet the PCI DSS (Payment Card Industry Data Security Standard) application-security testing requirements.
All three AVS solutions leverage WhiteHat Security's leading application vulnerability management SaaS platform.
Verizon Business uses its Web application firewall (WAF) capability to provide the company's complementary service to remediate risk. Once AVS has identified potential application security risks, Verizon Business can translate these risks into rules that are applied to the customer's application firewall to immediately block attacks. Customers can choose to manage their own WAF, or outsource it to Verizon Business.