hypersource


Main Menu

hyperguard 30 Tage testen?


Cloud AppSec

Cloud computing was not designed for security, although organizations such as Cloud Security Alliance (CSA) and Open Web Application Security Project (OWASP) are making great strides in helping the industry solve the myriad security problems confronting cloud computing. The benchmark guidelines established by the CSA in the document, Guidance for Critical Areas of Focus in Cloud Computing, is a great first step. This white paper is intended to pick up where the CSA guide left off in terms of defining what a distributed web application firewall (dWAF) should look like in order to meet the standards set within the CSA document.

 

Get the Cloud AppSec Whitepaper here

Home  Products  hypersource

What is hypersource?

  • hypersource is a source code analyzer which identifies and removes security-related vulnerabilities in Web applications.
  • The automation capability allows vulnerabilities to be detected early in the development process and thus to be removed quickly and economically.
  • The analysis function rates the detected vulnerabilities in accordance to their risk level and points out all affected locations in the source code to the developer. A traceback function shows the propagation of the vulnerabilities through all relevant components of the application.

Components

hypersource is an appliance and consists of two components:

  • hypersource Enterprise
    • provides a Web-based user interface; requires only a conventional browser on the user side
    • can be deployed throughout the enterprise without software installation
  • hypersource Workbench
    • is a plugin for your IDE; source code can be scanned, analysed and fixed without leaving the IDE
    • needs to be installed locally, but sends the data to be analysed to the central appliance and therefore no significant local system resources are required

 

hypersource

The Automatic Source Code Verification tool identifies and recommends fixes for security flaws in source code during the early stages of the Web application development process.

What are the benefits to your company?

  • With hypersource you can detect all vulnerabilities in all Web applications for which you have access to the source code.
  • Scans are automated, so they can be done regularly.
  • Accordingly, problems are detected early and can be rectified using minimal resources.
  • Reports document your development procedure.

In the end you get better, secure software at lower development cost. Compared to a downstream verification process, you cut project times.

What are the benefits to you personally?

With hypersource:

  • You are always in control of your project's security issues
  • You save time
  • You deliver flawless quality
  • You stay at the cutting edge of technology and enjoy continuous improvement

What input does the system need?

  • hypersource automatically loads the source code from a repository or from the file system.
  • A scan is either initiated manually or automatically based on a schedule that you have created

What output do you get?

When running the analysis, hypersource first forms an overall image of the code, analyses all the functions and systematically searches for vulnerabilities. These vulnerabilities are then traced back step by step and checked for their severity, depth and scope.

The outcome of a scan is:

  • you can see all the vulnerabilities and entry points that were found, listed according to their severity
  • you can trace back a vulnerability through the source code, step by step
  • you can skip straight to the affected line of code and remove the error
  • you get comprehensive statistics and reports
  • you can also export the results of a scan in order to test your Web application externally, to protect your web application with the web application firewall hyperguard, if you do not have the resources available immediately for bugfixing