Watchfire Announces New Security Zone Website and Free Web Application Security Developer Tools

>WALTHAM, MA and LAS VEGAS—July 27, 2005— Watchfire, a provider of software and services to manage online risk, including web application security, online privacy, quality and compliance, today announced the launch of its new Security Zone website at the BlackHat Conference in Las Vegas. In addition, the company also announced the availability of

Watchfire® PowerToolsâ„?, a set of free web application security developer tools.

The Watchfire Security Zone (http://www.watchfire.com/securityzone/default.aspx) was designed to serve as a single destination for targeted web application security resources. Security professionals can now access detailed web application security-related information on Watchfire’s subscription downloads, white papers, webcasts, recent and topical security news and critical vulnerability advisories captured by Watchfire’s security team. In addition, users are invited to contribute web application technical security articles and “best practices” tutorials to share with the security community and their peers.

“Watchfire’s Security Zone is a unique online resource designed for security professionals interested in keeping up to date on the latest web application security best practices, advisories, issues and trends,” said Michael Weider, founder and CTO Watchfire. “Additionally, we are pleased to provide free tools to further aid this community in their efforts to design and maintain secure web applications.”

The Security Zone will also host Watchfire® PowerToolsâ„?, a new set of free utilities designed to assist those who develop, test and debug web applications. PowerTools complement manual testing, offering application testers and developers more power, automation and efficiency than can be achieved through manual testing alone. Available for download in the Security Zone, the PowerTools suite include the following:

HTTP Proxy – An HTTP intercepting proxy which allows users to stop, edit and submit requests and responses between the client and the server. It includes the ability to write automated scripts in JavaScript using the utility API. This enables users to manipulate requests/responses automatically on the fly. HTTP Proxy also includes logging facilities for debugging of HTTP communications.

Connection Test – An HTTP pinging utility which helps website developers and auditors to test the connection between a client and a web server. Unlike the command PING, which uses the ICMP protocol (sometimes blocked by firewalls), Connection Test uses the HTTP protocol to communicate with the website.

HTTP Request Editor – An HTTP Request Editor that enables users to create specific HTTP requests and send them to a website. The editing can be performed either on the raw request, or by viewing the request in a parsed mode. The response to the request can be viewed either raw, or in an embedded browser.

Expression Test – A tool for testing regular expression patterns on a given text.

Encode/Decode – A utility that transforms text strings into several encoding methods, such as URL Encoding, Base64, 3DES, MD5, SHA1, HTML entities, Overlong UTF-8 and more.

About Watchfire
Watchfire provides software and services to manage online risk. More than 250 enterprise organizations and government agencies, including AXA Financial, SunTrust, Veterans Affairs and Dell, rely on Watchfire to monitor, manage, improve and secure all aspects of the online business including security, privacy, quality, accessibility, corporate standards and regulatory compliance. Watchfire’s alliance and technology partners include IBM Global Services, PricewaterhouseCoopers, TRUSTe, Microsoft, Interwoven, EMC Documentum and Mercury Interactive. Watchfire is headquartered in Waltham, MA. For more information, please visit www.watchfire.com.

Watchfire, WebXM, WebQA, Bobby, AppScan, PowerTools, the Bobby Logo and the Flame Logo are trademarks or registered trademarks of Watchfire Corporation. All other products, company names, and logos are trademarks or registered trademarks of their respective owners.