Security Services and AppScan
description
Transcript of Security Services and AppScan
PowerPoint Presentation
Security Servicesand AppScan
1Why Develop Secure ApplicationsPrevent Vulnerabilities.[account and data theft]Prevent Breaches.[$200/record notifications]Prevent Regulatory Violations[FERPA, 201 CMR 17]
Why YOU Develop Secure ApplicationsReduces future maintenanceand fire-fighting emergencies.Easier to figure out while in your headPatching production sucks.Security is fun and cool (right?)Jumbo in the room: reputation and prestigeHow to Develop Secure ApplicationsConduct Security Assessments Throughout DevelopmentAutomated Code Review (doesnt even have to compile)Automated Black Box ScansManual Risk Assessments
Talk to Information SecurityWe pretend to be nice if you talk to use before launch!
Learn about security relevant to your areas of expertise.OWASPStack Exchange
Key Points to Discuss while Demo FailsBadnessometerWhy automatedscanning is thebare minimumCanned Tests - Known Good vs Test Result
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScanDemo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan Demo
AppScan DemoOptions: Throttle Test Speed Enable Flash / JavaScript Record Custom Logic Define Custom Error Pages (!!!)