Introducing HP QAInspect 5.0

HP QAInspect completes the third pillar of Application Lifecycle Optimization.  Does it work?  Does it perform?  Is it secure?  Built on the foundation of the award-winning application scanning technology in HP WebInspect, QAInspect enables quality professionals to fully manage the process of finding and fixing security defects early in the application lifecycle. This ability to manage security defect testing early in the application lifecycle mitigates risk in the application, saves money on revisions over the life of the application, and produces more holistic data  for a Go/No Go decision.  The upcoming release of HP QAInspect 5.0 extends the already robust integration with Quality Center with the following new features:

Defect Staging

New in QAInspect 5,0 is a staging area to vet vulnerabilities before they are added to the defect table within QC.  Users can fully test and validate all vulnerabilities found by the scan to ensure that application developers are only spending development cycles fixing confirmed defects. 

Defect Consolidation

Vulnerabilities found during a scan can now be viewed as a consolidated list, grouped by application page or defect type.  For example, a user may view all vulnerabilities found on the login page of an application.  Similarly, a user may view all Cross-Site Scripting vulnerabilities or all SQL Injection vulnerabilities grouped into a single pane.  The ability to group vulnerabilities allows users to more quickly log specific defects and assign defect tasks to developers with greater accuracy.

Folder Restrictions

Restrict the crawl and audit of a scan to a particular folder. This allows much more granular control of the testing allowing for better targeted security testing. Once a particular application section has been audited and all security issues mitigated to an acceptible degree it can be moved to regression; focusing new security testing and fixes on new functional areas of the application.

Parameter Highlighting

As the size and complexity of web application pages grow the ability to quickly find a specific parameter within a vulnerable page becomes a greater burden.  In order to eliminate the time wasted by developers searching a page for a particular vulnerability all defect reports now highlight the specific vulnerable parameter within the HTTP Request/Response pair.  Developers can easily find the vulnerable part of the application and apply a fix with limited downtime.

Trial License Now Available (Click Here)

This release includes a trial license allowing Quality Center customers to download and evaluate QAInspect for 15 days; enabling them to make better purchase decisions.  Talk to your sales representative for more details.