SOURCE: Cenzic

June 12, 2006 08:30 ET

Cenzic Unveils "No Website Left Behind™" Initiative to Ensure All Companies Have the Opportunity to Secure Their Web Sites

Program's First Installment Invites Customers Using Application Vulnerability Management Tools or Services From Other Vendors to Confirm Their Web Application Security Assessment Results Through "Free Validation" Program

SANTA CLARA, CA -- (MARKET WIRE) -- June 12, 2006 -- In response to a rising number of high profile attacks targeted at web applications and mounting feedback from information security professionals who indicate that many solutions on the market do not adequately address application security threats, Cenzic, Inc. today announced a new program that allows companies to receive a complimentary application security assessment to validate their results from other sources. This "Free Validation" is a part of Cenzic's "No Website Left Behind" initiative, which will be comprised of many programs to be rolled out in the coming months to complement the company's Hailstorm and ClickToSecure solutions.

Aimed at enterprises, universities, government, and other agencies that rely on costly and ineffective manual testing or first generation application security assessment tools, the "Free Validation" program offers these organizations the ability to test one application which has been tested with another tool or service for free via Cenzic's ClickToSecure™ Software as a Service (SaaS). Ultimately, this program is designed to help security teams validate the success of their existing testing methods and plug the holes that are commonly left exposed due to outdated or cost prohibitive testing techniques.

Cenzic ClickToSecure overcomes the challenges created by the open and inherently insecure nature of the web as a business platform by bringing together Cenzic's leading automated assessment technology and professional services expertise to provide highly accurate and cost-effective application security analysis. ClickToSecure enables customers to minimize the risk of running critical business applications via the web by addressing emerging application threats and minimizing the business impact of application security initiatives.

"With web applications constantly evolving, finding vulnerabilities is a challenging, costly and time-consuming undertaking," said Mandeep Khera, vice president of marketing for Cenzic. "Despite significant investments in testing solutions, many companies find they can't keep pace with the high rate of change in the threat environment due to deficiencies in their existing security analysis solutions, which suffer from a very high number of False Positives and False Negatives. The 'Free Validation' program offers these companies an easy and non-cost prohibitive way to fill the void left by their current application security programs while helping to ensure regulatory compliance and reduce the financial risks associated with applications attacks."

As the first installment of Cenzic's "No Website Left Behind" initiative, the "Free Validation" program is effective immediately and extends until September 30th, 2006. Interested parties should visit for more details. Cenzic will unveil additional programs throughout the year in building upon its commitment to provide the most comprehensive solutions for web application vulnerability testing to as many web sites as possible.

Cenzic is the only company in the industry to have both a state-of-the-art software solution, Cenzic® Hailstorm®, and a managed service (SaaS), ClickToSecure™, allowing enterprises the flexibility to use either solution or both based on their needs. These offerings help companies protect their web-based applications from potential security threats by emulating the way real hackers work in order to test applications for security vulnerabilities and compliance issues. Using a Stateful Assessment™ approach, Cenzic provides companies with highly accurate results without the "false positives" often associated with the first-generation application scanners, as well as tests for session management, application logic issues, and policy compliance for internal policies and regulatory standards.

About Cenzic

Cenzic is a leading provider of the next-generation enterprise software and a leading Managed Service offering for automated application security assessment and compliance that allows Fortune 1000 corporations, mid-sized corporations, and government organizations to dramatically improve the security of web applications. Cenzic® Hailstorm®, the most accurate and extensible product in the industry, enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities. Hailstorm benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic ClickToSecure™ service is one of the industry's first Software as a Service (SaaS) to combine the power of an enterprise-class application security assessment product with the flexibility of a managed security service. Cenzic Assessment Methodology completes the solution with a state-of-the-art business process consulting service to help customers improve their application security methodologies. Cenzic solutions are the most accurate, comprehensive, and extensible in the industry. Cenzic's current focus includes financial services, e-retail, healthcare, and government sectors. For more information, visit

Contact Information

    Jason Throckmorton
    Melissa Biles
    Email Contact