tag:blogger.com,1999:blog-13756280.post6913063159130622461..comments2024-02-08T03:44:23.780-08:00Comments on Jeremiah Grossman: (Fortify + WhiteHat = Fortify on Demand) or (1 + 1 = 3)Jeremiah Grossmanhttp://www.blogger.com/profile/05017778127841311186noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-13756280.post-27910656871724869912010-06-15T23:12:03.119-07:002010-06-15T23:12:03.119-07:00@Yves, We are moving towards having the Sentinel w...@Yves, We are moving towards having the Sentinel web-interface (including the XML API) made available to Fortify on Demand customers. Its been a popular request, so its coming very soon.Jeremiah Grossmanhttps://www.blogger.com/profile/05017778127841311186noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-76173737132538653612010-06-14T13:39:56.883-07:002010-06-14T13:39:56.883-07:00So with Fortify on demand, do we benefit from all ...So with Fortify on demand, do we benefit from all the integration capabilities of Sentinel (e.g.: Archer) ?Unknownhttps://www.blogger.com/profile/08748755464844207491noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-19956420151323306372009-12-25T14:00:07.555-08:002009-12-25T14:00:07.555-08:00HI Nitish
Webscrab, Burp suite , Web Inspect .
...HI Nitish <br /><br />Webscrab, Burp suite , Web Inspect .<br /><br />Appscan , Paros Proxy , N-stalker <br /><br /> and other free tools (code crawler, xss shield , sqlinjectme ,ssldigger and etc <br /><br />Proxy Based tools <br /><br /><br />Regards<br /><br />Srinivasan M.SAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-13756280.post-48280265007800267822009-12-24T10:39:45.367-08:002009-12-24T10:39:45.367-08:00@Nilesh,
Fortify on Demand and by extension White...@Nilesh,<br /><br />Fortify on Demand and by extension WhiteHat Sentinel are not really "tools", but more "services" designed to do the work for you. If you are looking for a software product, then you might want to investigate Fortify 360, and maybe one of the many dynamic analysis scanners on the market. <br /><br />Hopefully this answers your question.Jeremiah Grossmanhttps://www.blogger.com/profile/05017778127841311186noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-91058277008455080552009-12-23T22:44:32.326-08:002009-12-23T22:44:32.326-08:00Hi Jeremiah,
I am working as a Security Analyst wi...Hi Jeremiah,<br />I am working as a Security Analyst with a Fortune 100 company. <br />I have profile of VAPT in my company and looking for some more tools<br />Can you tell me exact features of this product and how SaaS is different from conventional products? I want a brief walk through of this product.<br /><br />Thanks,<br />Nilesh<br /><br />http://nileshkumar83.blogspot.comNilesh Kumarhttps://www.blogger.com/profile/00738280328252168832noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-89278895728383997952009-12-23T09:50:44.868-08:002009-12-23T09:50:44.868-08:00Doubtful anyone would be out of a job as a result ...Doubtful anyone would be out of a job as a result of the offering. Finding vulnerabilities or missing controls in the code is just one part of the appsec work flow. Someone still has to actually fix issues, perform root cause analysis, make tactical risk recommendations and drive the process.<br /><br />hit me with an email (my_first_name -at- my companies domain name) and I'll make sure pricing info gets to you.Jeremiah Grossmanhttps://www.blogger.com/profile/05017778127841311186noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-84053123473176282662009-12-23T09:45:34.168-08:002009-12-23T09:45:34.168-08:00Really looking forward to seeing what this service...Really looking forward to seeing what this service looks like and getting some pricing info. If I could convince my boss to go this route, I could be out of a job.Anonymousnoreply@blogger.com