product datasheet
White paper -
Taxonomy of XML attacks
Testing for XML applications
Vordel SOAPbox allows developers to test the performance, scalability, and security of Web Services. Using SOAPbox, a developer can test how Web Services perform under load, how they deal with unexpected input, and what their traffic ceiling is.
Vordel SOAPbox highlights security tokens, XML Signatures, and encrypted content in XML documents. SOAPbox supports established security technologies such as SSL and HTTP-Auth, as well as next-generation security technologies such as WS-Security and SAML.
Testing Integrated Windows Authentication (IWA) for IIS, Internet Explorer and Firebox.Before SOAPbox, it was notoriously difficult to test Integrated Windows Authentication between browsers and the Microsoft IIS web server. SOAPbox fills this need, by allowing SPNEGO tokens to be created for testing the identity propagation between browsers and Microsoft IIS web servers. The underlying technology is Kerberos, but SOAPbox shields the user from the inherent complexity of Kerberos.
WS-Security Kerberos Token ProfileSOAPbox provides the ability to insert Kerberos tokens into SOAP messages, according to the WS-Security specification. This allows SOAPbox users to create automated test suites for testing Kerberos protected Web Services.
Streamlined test suite creationVordel has minimized the number of “clicks” between loading a test message and creating an automated test suite to test a Web Service.
Traffic simulationVordel has simplified stress testing of Web Services by providing a new Vordel Stress Testing utility. This enables customers to push Web Services to their limit. A Vordel Gateway can then be used to ensure that Services will maintain their service levels under load.
Scriptable “headless” environmentSOAPbox test suites can now be in a scriptable, “headless”, environment to aid fully automated regression testing of Web Services.
Penetration Testing Click to enlarge: Example penetration
testing screenshot |
Use SOAPbox to mimic potential attack paths by automatically injecting malicious content into XML messages. Malicious content attack types include SQL Injection, XPath Injection and Message value fuzzing.
Stress test your Web ServicesHow do your Web Services perform under stress? What are your Web Service's traffic ceilings? What happens when they receive more traffic than they can cope with? Vordel SOAPbox answers these questions with comprehensive Web Services stress testing.
Traffic simulation to test your application infrastructureUse SOAPbox to create and run your own battery of tests against internal application servers and ESB (Enterprise Service Bus) platforms.
Sample SOAP messagesGet started quickly with pre-built SOAP messages provided as standard.
Broad Security Standard support
 Click to enlarge: Example insert
WS-Security Token |
SOAPbox creates signed and encrypted XML messages without any requirement for coding. It supports SSL, WS-Security, and SAML.
Test Federated Identity deploymentsSOAPbox creates all three types of SAML assertions in order to test them against Federated Identity infrastructure. Creating SAML assertions using SOAPbox is significantly more simple than using a programming toolkit for the same purpose.
Test XML, REST, or SOAPNon-SOAP Web Services can be tested using SOAPbox (despite its name!). In addition, Web Services which are called using directly by browsers or using the XMLHttpRequest object can also be tested using SOAPbox.
Vordel SOAPbox datasheet
This site, and all contents and graphics, copyright © 1999 - 2009 Vordel Limited | Legal notices | Privacy policy