AppScan QA delivers predictive reproducible results that QA personnel can use to
test applications during the development lifecycle. With tools such as delta and
trend analysis, defect changes can be determined against a baseline to develop
accurate analysis, especially in changing development environments. With the AppScan QA
automated results analysis, testers can quickly identify the type, severity, and
area (application or administrative) of vulnerabilities. Security can be complex to
understand, AppScan QA allows QA personnel to focus on their core competency of testing.
AppScan's detailed defect analysis advisories translate technical details into business
terms suitable for a range of audiences, including development management. For testers
or developers who desire comprehensive understanding of the defects, AppScan QA provides
detailed views of the test, the response, and suggested fix recommendations. In addition
to testing for common web vulnerabilities and application specific vulnerabilities,
AppScan QA can also test any web-based XML/SOAP application or environment. This allows
immediate testing on new infrastructure technologies. Finally, AppScan QA provides tools
such as API's and Command Line Interfaces to facilitate integration with existing
testing environments and to allow third party tools to interact, and even launch, scans
automatically. In summary, AppScan QA:
Facilitates Communication across the development lifecycle
- Best of breed results communication: Understand, communicate and measure
- Enhanced reporting functionality with XSLT templates
Automates Regulatory/Directive Compliance Assurance
- Built-in U.S. regulations
- Built-in European directives
- User-defined compliance reports
Enhances S.A.F.E. Leadership (Speed, Accuracy, Flexibility and Efficiency)
- Accurate security assessment for the power user
- User defined controls for intelligent testing
AppScan 4.5 QA Edition delivers seamless integration into existing
test systems, automation to deliver predictive, reliable results and output to all
standard defect tracking and analysis/management systems. Key features include:
Automated Intelligent Security Testing |
|
Patented validation engine creates customized test scenarios, delivers widest array of attack variants to test & validate defects � and approve for release candidacy |
|
User-defined controls drive intelligent testing for all skill levels |
|
Regulatory Compliance Verification and Reporting |
|
Built-in compliance reporting for regulatory, directive, and corporate policy pre-validation |
|
Built-in Compliance Reporting for Regulatory, Directive, and Corporate Policy Pre-validation |
|
Detailed reports with remediation feedback on security defects |
|
Results Communication: Understand, Communicate, Measure |
|
Delta, trend and regression analysis for security defects |
|
Actionable results thru comprehensive fix recommendations |
|
Common reporting language across groups/departments |
|
Identify and translate defect root cause into business risk |
|
|
Strategic Partner Solutions |
|