ThreadFix Thursday: Improved WAF Support, Command-Line Client, Portuguese Coverage

threadfix

It has been a busy two weeks working on ThreadFix:

  •  We’ve added Spanish to the list of language where we’ve seen ThreadFix coverage. This article on Under-Linux.org talks about ThreadFix. I believe it is mostly a translation of the @PenTestIT coverage from a week or so ago. Bueno! [UPDATE: Actually, it’s been pointed out to us that the article is actually in Portuguese. Optimo!]
  • We have a number of updates rolled into an updated build (beta8) This includes a couple of bugfixes and UI enhancements as well as some new functionality I’ll detail below.
  • We’ve done a lot of work on WAF support and have added (very early alpha) support for a couple of new commercial WAFs. Look for an upcoming post detailing our test lab environment as well as new supported platforms. We’re really excited about our universal virtual patching support and we see this as a great way to get software security teams working more closely with security operations teams. More to come!
  • We also have started creating a command-line client to make it easier to integrate ThreadFix into software builds as well as other processes. We’ve had a REST API for some time, but the Java-based command-line client should make it even easier to automate different ThreadFix capabilities such as uploading scan results.

So we are still plugging along. Please keep testing and sending bugs and feedback. Contact us if you have any questions or comments.

–Dan

dan _at_ denimgroup.com

@danielcornell

Posted via email from Denim Group’s Posterous

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *