IT auditors and compliance officers are looking for a process to test security controls in their Web applications so that their Web applications are not exposed to vulnerabilities that can be exploited by hackers and attacks. AppScan® Standard Edition helps customers by integrating vulnerability testing into the Web application development process for new or existing applications. AppScan provides mechanisms for periodically testing against known vulnerabilities.

IBM Rational AppScan Standard Edition is an industry-leading Web application security testing suite that scans and tests for all common web application vulnerabilities - including those identified in the WASC threat classification - such as SQL-Injection, Cross-Site Scripting and Buffer Overflow.

- Provides broad application coverage, including Web 2.0/Ajax applications
- Generates advanced remediation capabilities including a comprehensive task list to ease vulnerability remediation
- Simplifies security testing for non-security professionals by building scanning intelligence directly into the application
- Features over 40 out-of-the-box compliance reports including PCI Data Security Standards, ISO 17799, ISO 27001, Basel II, SB 1386 and PABP (Payment Application Best Practices)

New and updated features in V7.7 are designed to streamline and simplify the processes of application security testing to help enable more users across the organization. Enhancements to this product include:

| Feature | Benefit |
|---|---|
| Scan Expert | Builds security intelligence directly into the product to help non-security professionals execute successful vulnerability assessments |
| Microsoft® Word® template-based reporting | Provides a customizable framework for results reporting and helps improve the most time-consuming element of web application security testing |
| State Inducer | Supports multi-step sequences (such as online shopping carts) to successfully automate the scanning of custom business logic |