IBM launches new web app security tools

Web applications are increasingly being targeted by hackers

IBM has launched a new integrated system of tools designed to protect firms from web application attacks, improve security management and reduce the number of vulnerabilities in web app code.

IBM Proventia SiteProtector 8.0 integrates a consolidated security management system with the firm's Rational AppScan web app vulnerability and secure code testing tool, and its new web application protection module for network and host intrusion prevention systems.

The integration of all three elements offers such benefits as being able to calculate if certain attacks are likely to expose known vulnerabilities in the web app layer, as well as enabling a common workflow system for managing security incidents and reduced security management operational costs, said IBM.

The firm's latest stats from its X-Force security division found the web application layer under continuing attack in the first half of this year. The IBM X-Force 2009 Midyear Trend & Risk Report, which will be released later this month, found a 50 per cent rise in SQL injection attacks in Q1 2009 compared to the previous quarter.

"Web application security is one of the top pain points for enterprises today, and only IBM can offer a comprehensive solution designed to help turn the tide against SQL injection and other web application attacks," said Dan Powers, vice president of business strategy at IBM Internet Security Systems.

"Additionally, our integrated approach to security may help to reduce costs and simplify security management, which can ultimately reduce opportunities for human error and improve overall security posture."