Dr. Dobb's is part of the Informa Tech Division of Informa PLC


Jolt Awards: Security Tools

Jolt Product Excellence Award: Cenzic Hailstorm 6.5

In today's environment, risk assessment and vulnerability scanning are must-have resources, not nice-to-haves. However, securing applications grows more challenging each day. Cenzic Hailstorm 6.5's new features meet that challenge remarkably well.

You can get started with your testing with little effort. From settings to built-in reports, Hailstorm blends features into an interface that is both functional and clean. One feature to assist you is Cenzic's SmartAttack Library, which consists of numerous assessment variations to save you the time of configuring scenarios by hand.

Hailstorm includes a comprehensive set of security analysis tools that give a clear picture, across the entire application, of where problems exist. For applications that deal with credit card processing, for example, Hailstorm includes PCI 6.6 testing and helps remove the guesswork from a regulatory compliance perspective. Other compliance testing features include GLBA and AB 1950, among others. Weekly updates are provided, which allow you to keep up with the latest threats.

In addition to the interface for configuring and running assessments, Hailstorm uses an embedded browser to show you a hacker's point of view of vulnerabilities. This helps to put weaknesses in context and drive home the point that problems are real, and not simply an item on a list.

Vulnerability reporting is not done as a flat list of problems, but rather uses a user-friendly scoring system to identify the areas of greatest concern, so that those issues can be addressed first. Congratulations to Cenzic Hailstorm 6.5!

— Jon Kurz

Productivity Award: /n software's IP*Works SSL, S/MIME and SSH Component Suites

/n software jolts us again, this time in the security category. Last year, it won the Jolt Productivity Award in the Application Libraries and Frameworks category. Now a subset of /n software's Red Carpet Subscription that focuses on secure data exchange racks up another Productivity Award in the Security category. Their IP*Works! SSL, S/MIME and SSH component suites provide cross-platform, standardized routine calls for Macs, PCs, iOS and Android operating systems. The SSL component provides developers with a set of comprehensive SSL security and digital certificate management components; the S/MIME collection delivers seven secure file, mail and messaging components; and the SSH suite makes connecting and managing data transfers over an SSH session a breeze. Collectively, these components dissipate the hassles programmers have to manage when dealing with secure connections, saving both time and sanity.

— Mike Riley

Productivity Award: Coverity Static Analysis

With the heightened degree of sophistication that malicious hackers use to identify and exploit software defects, it's important to have a tool that catches problems before these individuals can. Coverity Static Analysis is an excellent bug-hunting tool for C, C++, C# and Java developers that can scan through millions of lines of code in a single pass. With its ability to search for defects in a variety of ways, coupled with a code behavior and an analysis engine that is being continuously tuned, the depth and breadth of code coverage that Coverity offers is stunning. The reporting of various bugs, their prioritization and their impact on the overall product via Coverity's dashboards make assessment and correction of identified problems considerably easier.

— Mike Riley
