The SPI Dynamics Assessment Management Platform (AMP) is an appliance-based offering. The core component of the AMP offering is the WebInspect application, which is well known in the industry as a leader in the application vulnerability space. AMP builds on the traditional WebInspect application to create a hierarchy to allow for users in different roles — such as a CIO, security administrator, security tech, engineering manager, QA tester and a developer — to have defined permissions to the Assessment Management Platform. Each user role can run subcomponents or all components of the WebInspect software, which looks for the security vulnerabilities in published web code. Administration and use of the AMP appliance take place through a web browser and a user id/password combination.

The installation of the Assessment Management Platform appliance was a little more difficult than other appliances we have tested in the past. The appliance was built from standard Dell hardware that was easy enough to use, but since the appliance is Windows-based, we missed some of the common Linux appliance features, such as a configurable front panel to set basic functions (IP address, netmask and default gateway). We had difficulty finding an appropriate DVI adapter to bridge the connection to our SVGA flat panels. Once again, a Linux-based operating system underneath would allow for a terminal console into the device making the onboard video unnecessary.

SPI Dynamics offers pre- and post-sales support, education and training, as well as a self service portal to a knowledge base.

The pricing for Assessment Management Platform begins at $60,000, so this places the Assessment Management Platform at the upper end of the price spectrum. For many smaller organizations, the cost may be prohibitive and the lesser cost of WebInspect may be a better value.

SC Magazine awards the Assessment Management Platform its Best Buy.