
Security Services and AppScan

Security Services and AppScan. Why Develop Secure Applications. Prevent Vulnerabilities. [account and data theft] Prevent Breaches. [$200/record notifications] Prevent Regulatory Violations [FERPA, 201 CMR 17]. Why YOU Develop Secure Applications.

saki

Presentation Transcript


  1. Security Services and AppScan

  2. Why Develop Secure Applications • Prevent Vulnerabilities. [account and data theft] • Prevent Breaches. [$200/record notifications] • Prevent Regulatory Violations [FERPA, 201 CMR 17]

  3. Why YOU Develop Secure Applications • Reduces future maintenance and “fire-fighting” emergencies. • Easier to figure out while “in your head” • Patching production sucks. • Security is fun and cool (right?) • Jumbo in the room: reputation and prestige

  4. How to Develop Secure Applications • Conduct Security Assessments Throughout Development • Automated Code Review (doesn’t even have to compile) • Automated Black Box Scans • Manual Risk Assessments • Talk to Information Security • We pretend to be nice if you talk to us before launch! • Learn about security relevant to your areas of expertise. • OWASP • Stack Exchange

  5. Key Points to Discuss while Demo Fails • Badnessometer • Why automated scanning is the bare minimum • Canned Tests - Known Good vs Test Result

  6. AppScan Demo

  7. AppScan Demo

  8. AppScan Demo

  9. AppScan Demo

  10. AppScan Demo

  11. AppScan Demo

  12. AppScan Demo

  13. AppScan Demo

  14. AppScan Demo

  15. AppScan Demo

  16. AppScan Demo

  17. AppScan Demo

  18. AppScan Demo

  19. AppScan Demo

  20. AppScan Demo

  21. AppScan Demo

  22. AppScan Demo Options: • Throttle Test Speed • Enable Flash / JavaScript • Record Custom Logic • Define Custom Error Pages (!!!)
