Security Testing in Application Lifecycle
Deliver Quality Secure Applications On-Time with AppScan 3.5 |
Instead of searching for security defects manually, developers and testers use AppScan 3.5
to detect security defects automatically as an integrated component of enterprise development
and testing processes. AppScan automates the test script creation, modification, and maintenance
process and ensures reliable and repeatable testing. After it runs these tests,
AppScan's analytical tools and reporting functions simplify result communications with
developers. By reducing the number of development cycles and associated downtime
caused by security defects found in production, secure applications are deployed faster
for less money and the enterprise dramatically improves the utilization of QA and
development resources.
|
Detect Security Defects Automatically |
With AppScan 3.5, testers don't need to write, modify, and manage test scripts.
AppScan's patented Dynamic Policy Recognition Engine automatically creates an
unparalleled number of customized tests for the following application-specific
security defects:
- Cross-site Scripting
- Parameter Tampering
- Hidden Field Manipulation
- Backdoors and Debug Options
- Stealth Commanding
- Forceful Browsing
|
- Application Buffer Overflow
- Cookie Poisoning
- SQL Injection
- HTTP Attacks
- Suspicious Content
|
|
Key Features |
- Advanced validation mechanism delivers the widest array of attack variants
to test, validate and provide fix recommendations for application security defects
- Integrates seamlessly into any testing environment
- Command line execution
- Concurrent tests
- Accelerates the testing process through automatic test creation and modification
- Business process (use case) Record and Play
- Patented Security Policy Recognition Engine
- Instantaneous feedback of actionable results eliminates fix delays
- Comprehensive S.A.F.E. solution provides 360-degree view of application behavior
and structure
- JavaScript Explore
- Code Sanitation and Content Review
- Transient Management System
- Custom Error pages
|
AppScan Diagram
What The Market Has To Say |
|
"By providing a tool to help Web application developers find holes in their
code before it goes live, AppScan goes a long way toward stopping one of the main
causes of security problems before they happen."
Eric Lindquist
eWeek
|
|
|
|
Strategic Partner Solutions |
|