Category Archives: Dynamic Application Security Testing

It’s (A)live! Risk I/O Now Integrates with NTOSpider

rhuber    March 19, 2013

Hot on the heels of our filtered dashboard  and patch reports feature releases, we’re announcing our latest security tool integration. Risk I/O can now integrate with the NTOSpider dynamic application security testing (DAST) solution. Adding NTOSpider to your selection of Risk I/O connectors allows you to leverage its unique capabilities to detect vulnerabilities within your applications. With NTOSpider, you can scan… Read more »

Our Latest Integration

Ed Bellis    March 26, 2012

Hot on the heels of launching role-based access control which allows you to control who has access to what in Risk I/O (all the way down to the vulnerability level), we have added integration with a new vulnerability assessment tool. (Drum roll please…) We are happy to announce that integration with the Burp Scanner is now available in Risk I/O! For… Read more »

The Scanner That Cried Wolf

Ed Bellis    January 5, 2012

Dealing with false positives during a vulnerability assessment is a fact of life. As applications and infrastructure grow larger and more complex, the likelihood of running into these Type I errors increases along with it. Although these issues become more commonplace as you grow, there are a number of known ways to help decrease the amount of false positives that are produced… Read more »

SAST And DAST Like Peanut Butter and Jelly

Ed Bellis    October 3, 2011

Today, our development team added HP Fortify integration with Risk I/O. HP Fortify is a static analysis tool that looks at the source code of an application to identify security flaws within. Fortify’s Static Application Security Testing (SAST) results provide an inside-out view of the vulnerabilities that exist in a software program compared to Dynamic Application Security Testing (DAST) that… Read more »