NT OBJECTives Offers Freeware to Strengthen Overall Website Security

Combined Solution Identifies Website Security Exposure and Vulnerabilities

Targeted by Hackers

May 17, 2005, 01:00 ET from NT OBJECTives

    IRVINE, Calif., May 17 /PRNewswire/ -- NT OBJECTives, a leading innovator
 in Web application security, today releases two new freeware tools, NTOinsight
 2.0 and NTOweb. By combining NT OBJECTives' leading automation and software
 intelligence features with Nikto's comprehensive database of attack
 signatures, these new tools create a freeware offering that exceeds many
 commercial software product capabilities.
     "We have been using NTOinsight since version one was released six months
 ago," said Scott Wilson, Partner at Marathon Consulting. "It provides us with
 useful HTML reports which are distributed to development, QA, security, and
 management to improve all aspects of our websites, especially security. It's a
 pretty impressive tool, especially for freeware."
     The combination of NTOinsight 2.0 and NTOweb strengthens overall website
 security by raising awareness of threat exposure and the existence of common
 vulnerabilities. NTOinsight scans websites and analyzes site content,
 architecture and external interdependencies, enabling a user to visualize site
 exposure and attack vectors. New features to NTOinsight 2.0 include updated
 crawling, improved JavaScript parsing, proxy support, HTTP Basic and NTLM
 authentication. NT OBJECTives' newest tool, NTOweb, is a free vulnerability
 assessment plug-in to NTOinsight that works with the Nikto vulnerability
 database to detect over 3,100 web server vulnerabilities.
     "Over 110,000 people have downloaded security tools from NT OBJECTives,
 including 10,000 downloads of NTOinsight 1.0," said Mike Shema, CSO of NT
 OBJECTives and author of numerous web application security books including the
 recent Hack Notes:  Web Security. "Considering other companies sell the
 features available in NTOweb for thousands of dollars, we expect this new tool
 to be the most popular one yet."
     About NTOinsight 2.0
     NTOinsight is a free command-line website analysis tool capable of
 scanning even the largest websites:  analyzing site content, architecture, and
 external interdependencies. NTOinsight crawls all site links/resources and
 catalogues them with their resource attributes (i.e. file type, forms, mail
 ids, applets/objects, hidden fields, cookies, authentication, SQL connections
 and more). NTOinsight generates XML and HTML reports that graphically
 communicate all findings, including web server platforms, response codes,
 resource details and site interdependencies (links leaving the domain, passing
 information, etc.). Furthermore, NTOinsight identifies "Attack Points"
 targeted by hackers, thus communicating the extent of site threat exposure.
     About NTOweb 1.0
     NTOweb is a freeware vulnerability assessment plug-in for NTOinsight that
 scans for the more than 3100 known vulnerability signatures in the Nikto
 database. Capable of automatic updates from the Nikto database, NTOweb
 assesses over than 625 web server platforms, and is one of the most
 comprehensive and well-supported web server vulnerability databases available.
 NTOweb reports are automatically included within NTOinsight scan reports and
 are built off of NT OBJECTives' industry leading designs.
     About NT OBJECTives Inc.
     Headquartered in Irvine, CA, NT OBJECTives is an innovative provider of
 comprehensive application security solutions designed to help organizations
 discover threats, analyze risk and develop sound security strategies. Its
 unique technology provides automated and accurate application vulnerability
 assessment, while its world-renowned team of security professionals provides
 expert knowledge transfer and technical services to help businesses
 understand, build and achieve application security compliance.
      Heidi Rosenberg
      Nadel Phelan, Inc.
      Erik Caso
      NT OBJECTives