Rational AppScan Standard Edition
Features and benefits
IT auditors and compliance officers are looking for a process to test Web application security controls so that their Web applications are not exposed to vulnerabilities that can be exploited by hackers. AppScan® Standard Edition automates vulnerability testing, so customers can integrate security testing into the Web application development process for new or existing applications.
IBM Rational AppScan Standard Edition is an industry-leading Web application security testing solution that includes both 1.) Dynamic analysis to test for all common web application vulnerabilities, and 2.) Static analysis of JavaScript to identify client-side vulnerabilities.
- Identifies web application vulnerabilities including all relevant WASC TCv2 threat classes, such as SQL-Injection, Cross-Site Scripting and Buffer Overflows
- Applies static taint analysis with JavaScript Security Analyzer to identify client-side security issues, such as DOM-based cross site scripting, code injection, Open Redirect, CSRF Bypass, Dual Session, Port Manipulation and Protocol Manipulation
- Provides broad application coverage for Web 2.0/Rich Internet Applications with support for AJAX, Adobe Flash/Flex, etc.
- Includes enhanced support for Web Services and Service Oriented Architecture including SOAP and XML
- Includes advanced testing utilities to expand custom security testing by combining the power of AppScan with Pyscan scripts for more powerful and more efficient manual testing
- Generates advanced remediation capabilities including a comprehensive task list to ease vulnerability remediation
- Simplifies security testing for non-security professionals by building scanning intelligence directly into the application
- Features over 40 out-of-the-box compliance reports including PCI Data Security Standards, ISO 17799, ISO 27001, Basel II, SB 1386 and PABP (Payment Application Best Practices)
- Simplified scan results through the new Results Expert wizard, further simplifying the process of interpreting scan results through scan-specific descriptions and straight forward explanations of each issue
- Integrates with defect tracking systems, such as Rational ClearQuest and HP Quality Center
All products within the Rational category
- Rational Rhapsody Architect for Software
- Rational Rhapsody Architect for Systems Engineers
- Rational Rhapsody Design Manager
- Rational Rhapsody Designer for Systems Engineers
- Rational Rhapsody Developer
- Rational Software Architect Design Manager
- Rational Software Architect Simulation Toolkit
- Rational System Architect
- Rational Build Forge Enterprise Edition
- Rational Build Forge Enterprise Plus Edition
- Rational Build Forge Standard Edition
- Rational Application Performance Analyzer
- Rational AppScan Build Edition
- Rational AppScan Enterprise Edition
- Rational AppScan Tester Edition
- Rational Functional Tester
- Rational Functional Tester Plus
- Rational Performance Tester
- Rational Performance Tester for z%3AOS
- Rational Policy Tester Accessibility Edition
- Rational Policy Tester OnDemand Privacy, Quality and Accessibility Edition
- Rational Policy Tester Privacy Edition
- Rational Policy Tester Quality Edition
- Rational Publishing Engine
- Rational Purify for Linux and UNIX%20
- Rational Purify for Windows
- Rational PurifyPlus Enterprise Edition%20
- Rational PurifyPlus for AIX
- Rational PurifyPlus for Linux and UNIX%20
- Rational PurifyPlus for Windows
- Rational Quality Manager
- Rational Robot
- Rational Service Tester for SOA Quality
- Rational Software Analyzer Developer Edition%20
- Rational Software Analyzer Enterprise Edition
- Rational Test RealTime
- Rational DOORS
- Rational DOORS Web Access
- Rational Requirements Composer
- Rational RequisitePro
- Rational Rose Data Modeler
- Breeze for SCLM for z%3AOS
- Enhanced Access Control for SCLM for z%3AOS
- Rational Change
- Rational ClearCase
- Rational ClearCase Change Management Solution
- Rational ClearCase Change Management Solution Enterprise Edition
- Rational ClearCase MultiSite
- Rational ClearQuest
- Rational ClearQuest MultiSite
- Rational Lifecycle Package
- Rational Synergy
- Rational Team Concert
- Rational Asset Manager Enterprise Edition %20
- Rational Asset Manager Standard Edition
- Rational Insight
- Rational Method Composer
- Application Workload Modeler
- Rational Focal Point
- Rational Publishing Engine
- Host Access Client Package
- Merge Tool for zOS and OS390
- Personal Communications
- Rational Application Developer for WebSphere Software
- Rational Business Developer
- Rational Dashboard
- Rational Data and Application Modeling Bundle
- Rational Developer
- Rational EGL Community Edition
- Rational Elite Support for Eclipse
- Rational Host Access Transformation Services
- Rational Host On-Demand
- VisualAge Pacbase
- WebSphere Studio Asset Analyzer
- Rational Application Developer Standard Edition for WebSphere Software
- Rational Deployment Automation Content Pack for RAFW and WAS
- Rational Developer
- Rational Developer for System z with Java
- Rational Logiscope
- Rational Modeler
- Rational Programming Patterns for System z
- Rational Rhapsody Design Manager
- Rational Rose Data Modeler
- Rational Rose Developer for Java
- Rational Rose Developer for UNIX
- Rational Rose Developer for Visual Studio
- Rational Rose Enterprise
- Rational Rose Modeler
- Rational Software Analyzer
- Rational Software Architect Design Manager
- Rational Software Architect Extension for C++
- Rational Software Architect Extension for Communications Applications
- Rational Software Architect Extension for Deployment Planning
- Rational Software Architect Extension for Integrated Architecture Frameworks
- Rational Software Architect Extension for SOA and WebSphere
- Rational Software Architect for WebSphere Software
- Rational System Architect
- XL C C++ Advanced Edition for Blue Gene
- XL C C++ for AIX
- XL C C++ for Linux
- XL C for AIX
- zOS XL C C++
- COBOL for AIX
- COBOL for OS 390 & VM
- COBOL for VSE ESA
- COBOL Report Writer
- Compiler and Library for REXX on zSeries
- Enterprise COBOL for zOS
- Enterprise PLI for zOS
- VS FORTRAN
- XL Fortran Advanced Edition for Blue Gene
- XL Fortran for AIX
- XL Fortran for Linux
- Rational Development Studio for i
- XL C C++ for zVM
- Rational Development Studio for i
- PLI for AIX
- PLI for MVS & VM
- PLI for VSE
- Rational Ada Developer base edition
- Rational Ada Developer Enterprise Edition
- Rational Ada Embedded Developer
- Rational Ada Embedded Developer Enterprise Edition
- Rational Rhapsody Architect for Software
- Rational Rhapsody Architect for Systems Engineers
- Rational Rhapsody Designer for Systems Engineers
- Rational Migration Extension
- Rational Open Access RPG Edition
- Rational Rose Technical Developer
- Rational SDL Suite
- Rational Statemate
- Rational Systems Tester
- Rational Tau
- Rational TTCN Suite
- Rational Asset Analyzer
- Rational Asset Manager Standard Edition
- Rational Data and Application Modeling Bundle
- Rational Focal Point
- Rational RequisitePro
- Rational Software Architect
- Rational Software Architect for WebSphere Software
- Rational System Architect XT
- Host Access Client Package
- WebSphere Studio Asset Analyzer
- Rational Asset Analyzer for System z
- Rational Power Appliance
- Rational AppScan Build Edition
- Rational AppScan Enterprise Edition
- Rational AppScan Express Edition
- Rational AppScan OnDemand
- Rational AppScan OnDemand Production Site Monitoring
- Rational AppScan Source Edition
- Rational AppScan Standard Edition
- Rational AppScan Tester Edition
- Rational Virtual Forge CodeProfiler for AppScan Source Edition
- Rational EGL Community Edition
- Rational Team Webtop