Parasoft dotTEST offers a new Security Compliance Pack with complete support for the OWASP Top 10 and most comprehensive CWE support for .NET developers
Monrovia, CA – Parasoft, the global automated software testing leader, today announced the latest release of Parasoft dotTEST, their integrated .NET development testing solution that includes static analysis, security testing, coverage analysis, and unit testing traceability. The newest release, version 10.4.1, provides significantly expanded support for security coding standards and introduces a new Security Compliance Pack that delivers actionable compliance reporting for OWASP, CWE and UL-2900 to .NET development teams.
Learn more about the release on the blog: https://www.parasoft.com/blog/build-security-into-your-net-application/
Many organizations today are bound by constraints around privacy and access (e.g., GDPR, PCI, PII), federal regulations, and mandated oversight, as stated in the recent SANS Institute report, “2018 Secure DevOps: Fact or Fiction?” To ensure a successful DevSecOps strategy, it is critical to integrate automated security testing into the build, delivery tools, and workflows. The report states, “Continuous vulnerability scanning can be (and should be) embedded into automated build/deployment pipelines in continuous integration and continuous delivery to catch problems as soon as they are introduced.”
The latest release of dotTEST focuses on helping organizations address these modern security challenges and mitigate the business risks inherent in today’s applications. The new Parasoft dotTEST Security Compliance Pack is configurable to organizations’ specific needs, running static analysis scans on premise as a part of an automated process, and then automatically generating customizable reports to demonstrate compliance to security standards. The Security Pack provides most complete support for both the OWASP Top 10 and for CWE standards in the industry. The introduction of new dashboards and reports gives organizations a dynamic view into the risk and impact of non-compliance, along with the reports required to support security audits.
“Many of today’s enterprise applications rely on the .NET platform,” said Mark Lambert, VP of Products at Parasoft. “This release is focused on putting comprehensive security analysis into the hands of development teams building those applications — and doing so in a seamless way that integrates effortlessly into their existing quality process.”
Parasoft dotTEST is certified as CWE-compatible by MITRE and used by organizations worldwide to ensure the delivery of safe, secure, and reliable .NET applications. It is available as a plugin to the Visual Studio IDE and designed to be executed as part of the CI/CD pipeline using its command-line interface and plugins available for Jenkins, Bamboo, TeamCity and Azure DevOps.