SOURCE: Cenzic

June 27, 2005 09:00 ET

Cenzic Announces Major Enhancements to Its Breakthrough Hailstorm Product

Leading Automated Application Security Assessment Solution Delivers New Levels of Speed, Performance and Ease of Use

SANTA CLARA, CA -- (MARKET WIRE) -- June 27, 2005 -- Cenzic, Inc. today announced the latest version of its leading application security assessment solution, Cenzic Hailstorm 2.5. Hailstorm helps organizations automate the process of testing applications for security vulnerabilities, enforce internal security policies and promote compliance with regulatory requirements. The latest version extends these benefits by further automating the security assessment process and delivering significant advancements in speed, ease-of-use and flexibility.

An increasing number of enterprises today rely on web-based applications to conduct mission-critical business. As a result, information security managers and directors are faced with the enormous responsibility of keeping web applications secure from a range of security threats. These threats, coupled with an increasing body of governmental regulations, create an overwhelming and sometimes insurmountable situation for information security teams that rely on costly and time-consuming manual assessment methods.

"Since the launch of Hailstorm, we have worked closely with customers to identify ways to make the application security and compliance assessment process easier, more cost-effective and less burdensome on already taxed development, QA and information security teams," said Mandeep Khera, vice president of marketing at Cenzic. "Customer feedback has led directly to enhancements in ease-of-use, speed, flexibility and an even more comprehensive Attack Objects library. Hailstorm has already established itself as the most accurate product in the industry, and these improvements further solidify the fundamentals while adding more user-friendly features and robustness to the Attack Objects library."

Cenzic Hailstorm is the industry's first solution to emulate the way real hackers work in order to test applications for security vulnerabilities and compliance issues. This automated and revolutionary approach to vulnerability management and penetration testing allows Cenzic to deliver to large organizations the benefits of manual assessments with significantly lower costs and time commitments. By emulating real-world hacker behaviors and assessing applications in a stateful manner, Cenzic provides companies with highly accurate results without the "false positives" often associated with scanning-based solutions.

Cenzic Hailstorm's unique Stateful Assessment™ approach empowers companies to accurately assess the security and compliance of both commercial and custom applications, as well as test for application logic issues and policy compliance for both internal policies and regulatory standards such as GLBA, SB 1386, Sarbanes-Oxley and many others.

Pricing and availability

Cenzic Hailstorm 2.5 is a scalable enterprise software product. Similar to a manual security assessment, pricing is based on number of applications, but at a fraction of the cost of a manual penetration test. All existing customers will get the new version as part of their upgrade process.

About Cenzic

Cenzic provides Hailstorm®, the breakthrough enterprise software suite for automated application security assessment and compliance that allows corporations and government organizations to dramatically improve the security of commercial and custom applications. While automating the vulnerability management and penetration testing process for web applications, Hailstorm enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities, and verify compliance with security policies. Benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic's customers are currently in the financial services and e-marketplace sectors. For more information visit

Contact Information

    Jason Throckmorton or Jesse Odell
    Email Contact