Rational AppScan Source Edition
Features and benefits
AppScan Source Edition integrates security testing into the software development life cycle while helping development teams, security analysts, auditors and compliance managers strengthen application security, protect confidential information, and improve governance, risk management and compliance.
Features:
- Automated correlation of static and dynamic analysis results (hybrid analysis) when deployed with AppScan Enterprise and AppScan Reporting Console.
- Extensible Web application framework support that delivers unparalleled flexibility to support new and custom application frameworks.
- String Analysis, an IBM Research innovation, for automated identification of validation routines, which simplifies the user experience for developers.
- Central repository for shared information, such as global security rules and published security assessments supporting comprehensive trend analysis.
- Vulnerability Matrix to instantly prioritize confirmed critical vulnerabilities with no false positives.
- Automated project import facility that simplifies setup – even in incomplete environments
- Customizable report cards help demonstrate compliance with industry regulations and best practices, including the OWASP Top 10 and PCI
- Detailed project-based Software Security Profiles, as well as customizable snapshot and trend reports, prove progress and monitor compliance with contracted security requirements
Benefits:
- Cost-effective risk management from early identification and remediation of application vulnerabilities.
- Industry-leading security knowledgebase helps ensure precise identification of vulnerabilities and remediation assistance.
- With a few clicks, identify a confirmed vulnerability, add notes for the developer, and assign it through email or integration with your defect tracking system.
- Reliably manage and measure risk across your portfolio of applications.
- Reporting templates provide specific information to prove compliance with leading standards and regulations such as the OWASP Top 10 and the PCI Data Security Standard.
- Seamlessly works within your chosen IDE, including Rational Application Developer.
- Make enterprise-wide implementations practical and efficient with centralized “push-and-play” deployment.
- Click once to take you to the vulnerable line of code, straight from your IDE.
- In-context remediation advice helps development organizations learn about the vulnerability and fix it, armed with advice from the industry’s most comprehensive software security knowledgebase with links to the Common Weakness Enumeration (CWE) community site.
All products within the Rational category
- Rational Rhapsody Architect for Software
- Rational Rhapsody Architect for Systems Engineers
- Rational Rhapsody Design Manager
- Rational Rhapsody Designer for Systems Engineers
- Rational Rhapsody Developer
- Rational Software Architect Design Manager
- Rational Software Architect Simulation Toolkit
- Rational System Architect
- Rational Build Forge Enterprise Edition
- Rational Build Forge Enterprise Plus Edition
- Rational Build Forge Standard Edition
- Rational Application Performance Analyzer
- Rational AppScan Build Edition
- Rational AppScan Enterprise Edition
- Rational AppScan Tester Edition
- Rational Functional Tester
- Rational Functional Tester Plus
- Rational Performance Tester
- Rational Performance Tester for z%3AOS
- Rational Policy Tester Accessibility Edition
- Rational Policy Tester OnDemand Privacy, Quality and Accessibility Edition
- Rational Policy Tester Privacy Edition
- Rational Policy Tester Quality Edition
- Rational Publishing Engine
- Rational Purify for Linux and UNIX%20
- Rational Purify for Windows
- Rational PurifyPlus Enterprise Edition%20
- Rational PurifyPlus for AIX
- Rational PurifyPlus for Linux and UNIX%20
- Rational PurifyPlus for Windows
- Rational Quality Manager
- Rational Robot
- Rational Service Tester for SOA Quality
- Rational Software Analyzer Developer Edition%20
- Rational Software Analyzer Enterprise Edition
- Rational Test RealTime
- Rational DOORS
- Rational DOORS Web Access
- Rational Requirements Composer
- Rational RequisitePro
- Rational Rose Data Modeler
- Breeze for SCLM for z%3AOS
- Enhanced Access Control for SCLM for z%3AOS
- Rational Change
- Rational ClearCase
- Rational ClearCase Change Management Solution
- Rational ClearCase Change Management Solution Enterprise Edition
- Rational ClearCase MultiSite
- Rational ClearQuest
- Rational ClearQuest MultiSite
- Rational Lifecycle Package
- Rational Synergy
- Rational Team Concert
- Rational Asset Manager Enterprise Edition %20
- Rational Asset Manager Standard Edition
- Rational Insight
- Rational Method Composer
- Application Workload Modeler
- Rational Focal Point
- Rational Publishing Engine
- Host Access Client Package
- Merge Tool for zOS and OS390
- Personal Communications
- Rational Application Developer for WebSphere Software
- Rational Business Developer
- Rational Dashboard
- Rational Data and Application Modeling Bundle
- Rational Developer
- Rational EGL Community Edition
- Rational Elite Support for Eclipse
- Rational Host Access Transformation Services
- Rational Host On-Demand
- VisualAge Pacbase
- WebSphere Studio Asset Analyzer
- Rational Application Developer Standard Edition for WebSphere Software
- Rational Deployment Automation Content Pack for RAFW and WAS
- Rational Developer
- Rational Developer for System z with Java
- Rational Logiscope
- Rational Modeler
- Rational Programming Patterns for System z
- Rational Rhapsody Design Manager
- Rational Rose Data Modeler
- Rational Rose Developer for Java
- Rational Rose Developer for UNIX
- Rational Rose Developer for Visual Studio
- Rational Rose Enterprise
- Rational Rose Modeler
- Rational Software Analyzer
- Rational Software Architect Design Manager
- Rational Software Architect Extension for C++
- Rational Software Architect Extension for Communications Applications
- Rational Software Architect Extension for Deployment Planning
- Rational Software Architect Extension for Integrated Architecture Frameworks
- Rational Software Architect Extension for SOA and WebSphere
- Rational Software Architect for WebSphere Software
- Rational System Architect
- XL C C++ Advanced Edition for Blue Gene
- XL C C++ for AIX
- XL C C++ for Linux
- XL C for AIX
- zOS XL C C++
- COBOL for AIX
- COBOL for OS 390 & VM
- COBOL for VSE ESA
- COBOL Report Writer
- Compiler and Library for REXX on zSeries
- Enterprise COBOL for zOS
- Enterprise PLI for zOS
- VS FORTRAN
- XL Fortran Advanced Edition for Blue Gene
- XL Fortran for AIX
- XL Fortran for Linux
- Rational Development Studio for i
- XL C C++ for zVM
- Rational Development Studio for i
- PLI for AIX
- PLI for MVS & VM
- PLI for VSE
- Rational Ada Developer base edition
- Rational Ada Developer Enterprise Edition
- Rational Ada Embedded Developer
- Rational Ada Embedded Developer Enterprise Edition
- Rational Rhapsody Architect for Software
- Rational Rhapsody Architect for Systems Engineers
- Rational Rhapsody Designer for Systems Engineers
- Rational Migration Extension
- Rational Open Access RPG Edition
- Rational Rose Technical Developer
- Rational SDL Suite
- Rational Statemate
- Rational Systems Tester
- Rational Tau
- Rational TTCN Suite
- Rational Asset Analyzer
- Rational Asset Manager Standard Edition
- Rational Data and Application Modeling Bundle
- Rational Focal Point
- Rational RequisitePro
- Rational Software Architect
- Rational Software Architect for WebSphere Software
- Rational System Architect XT
- Host Access Client Package
- WebSphere Studio Asset Analyzer
- Rational Asset Analyzer for System z
- Rational Power Appliance
- Rational AppScan Build Edition
- Rational AppScan Enterprise Edition
- Rational AppScan Express Edition
- Rational AppScan OnDemand
- Rational AppScan OnDemand Production Site Monitoring
- Rational AppScan Source Edition
- Rational AppScan Standard Edition
- Rational AppScan Tester Edition
- Rational Virtual Forge CodeProfiler for AppScan Source Edition
- Rational EGL Community Edition
- Rational Team Webtop