Unit 1 - Security AppScan Standard overview

Copyright IBM Corporation 2013


This preview shows page 1 - 5 out of 35 pages.

Course materials may not be reproduced in whole or in part without the prior written permission of IBM. © Copyright IBM Corp. 2013

What this chapter is about

This unit provides an introduction to IBM® Security AppScan® Standard capabilities, the user interface, and ways to use it in the software development lifecycle.
IBM Security AppScan Standard Fundamentals

Objectives

After completing this unit, you should be able to perform the following tasks:

  • Diagram the interactions between these components:
      ◦ IBM Security AppScan Enterprise Server
      ◦ IBM Security AppScan Enterprise Dynamic Analysis Scanner
      ◦ IBM Security AppScan Source
      ◦ Security AppScan Standard
  • Describe Security AppScan Standard
  • Summarize how to use Security AppScan Standard in the context of the software development lifecycle (SDLC)
Lesson 1. Defining Security AppScan Standard
Application security testing techniques

You cannot use one automated analysis technique to find all possible vulnerabilities. Each technique has its own strengths and weaknesses, which is why a single-point tool is insufficient. To find the most vulnerabilities, you must employ all the analysis techniques available today. Two of these techniques are Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST). You can use them for scans, assessments, and results analyses, as described in the following lists:

Scans

  • DAST: Scans web applications and requires a starting point URL. If required, you must use login credentials.
  • SAST: Scans source code and bytecode for security and quality issues and requires access to source or bytecode.


  • Spring '16
  • PR. LANGAT
  • Computer Security, IBM Corp., Copyright IBM Corporation, Security AppScan Standard
