| Visual Studio .NET Integration Advantages |
Complete Integrated Development Environment with AppScan DE
- AppScan DE Projects, Configurations, and Test Runs
- Logical organization of all security unit testing projects and configurations.
- Test run results stored chronologically and stamped with date and time for quick results comparison.
- Multiple Language Support
- Automatically test web applications written in any language supported by Visual Studio .NET including C#, C++, and J#.
- Integrated Results and Recommendations
- Review test results and fix recommendations directly from within the Visual Studio .NET development environment
|
| Integration Advantages with WebSphere Studio 5.0, Eclipse 2.0/2.1, JBuilder v8, and Visual Studio 6.0 |
- Streamlined security testing - AppScan DE is configured and launched as normal part of workflow from within IDE using native IDE Plug-in.
- User can set default values for the scan properties, or change them on the fly for every scan.
- Single click scan automatically tests web applications written in any language/environment supported by the IDE including Java, EJB, Servlets JSP, HTML, etc.
- Provides customizable configuration settings to enable efficient security testing as part of the development cycle.
- Review 'developer centric' test results and specific inline real time fix recommendations.
|
| Configure |
Save time with Precision Script Creation and Security Unit Testing
- Configure and Launch Security test from with the IDE
- Customizable configuration settings to enable efficient security testing
- Automatic: Test creation, execution, and validation process
- Manual: Control the scope, depth and application interactions of test manually
- Business Process Record and Play
- Target specific business processes for unit testing
- Test Filtering
- Saves time: focus tests on specific type or subset of defect, or area of application
- Advanced Web Form Options
- Automatically submits values for every form field detected
- Form parameter values are fully customizable
|
| Test |
Built in intelligence delivers comprehensive defect analysis for maximum results
- Patented Policy Recognition Engine learns intended data input validation processes
- Automatically authors customized test scripts for every potential security defect it detects based on application logic and structure
- Precisely evaluates application response to each test identifying location of each defect
- Auto-Transient Detection
- Consistent testing in stateful environments
- Login and Logout Handling
- Manages and maintains authentication settings on the fly
- Automated form fill
- Stores default values for automated form fill to ensure a complete scan
|
| Recommend and Report |
Fix Recommendations Help Developers Build Secure, Quality Applications
- In-line fix recommendations and detailed description for every defect
- Real time training for both .Net and Java with specific fix recommendation including secure coding examples and suggestions
- Defect pinpointing provides location of each defect
- Interactive Results Displays enable drill down for granular analysis of each test and response
- Code Sanitation and Content Review
- Details of every script detected including comments in source code, cookie contents, and JavaScript
- Reports
- Executive summaries and detailed information relating to each defect
- Export results in standard CSV format
- Test Run Comparisons
- Measure effectiveness of fixes against results of previous test run
|
|
|
| Strategic Partner Solutions |
|