Identify and remediate web application vulnerabilities to reduce application risk
Rational AppScan Standard Edition software scans and tests for vulnerabilities and security defects with a desktop solution that delivers advanced web application security testing, broad coverage of the latest Web 2.0 technologies and ease of use for clients to get fast, reliable results.
Includes new glass box run-time analysis – a form of integrated application security testing (IAST) – that adds an internal agent to the application to monitor behavior during a dynamic scan and delivers new benefits such as full coverage of OWASP Top 10 threats and line-of-code details for specific vulnerabilities, matching proof of exploit with the precise defect that created the vulnerability
Enables clients to quickly and easily get results with workflows, configuration wizards and Scan Expert
Includes vulnerability descriptions and remediation guidance with every identified vulnerability to help security testers engage with developers and correct the underlying security defect
Scans Web sites for embedded malware and links to malicious or undesirable sites
Provides customization and extensibility with the AppScan eXtension Framework, which allows the user community to build and share open source add-ons
Includes regulatory compliance reporting templates with more than 40 out-of-the-box compliance reports, including PCI Data Security Standard, Payment Applications Data Security (PA-DSS) (new), ISO 27001 and ISO 27002 (new) and Basel II