Security Services and AppScan

Why Develop Secure Applications
Prevent Vulnerabilities. [account and data theft]
Prevent Breaches. [$200/record notifications]
Prevent Regulatory Violations [FERPA, 201 CMR 17]

Why YOU Develop Secure Applications
Reduces future maintenance and fire-fighting emergencies.
Easier to figure out while in your head
Patching production sucks.
Security is fun and cool (right?)
Jumbo in the room: reputation and prestige

How to Develop Secure Applications
Conduct Security Assessments Throughout Development
  Automated Code Review (doesn't even have to compile)
  Automated Black Box Scans
  Manual Risk Assessments

Talk to Information Security
  We pretend to be nice if you talk to us before launch!

Learn about security relevant to your areas of expertise.
  OWASP
  Stack Exchange

Key Points to Discuss while Demo Fails
Badnessometer
Why automated scanning is the bare minimum
Canned Tests - Known Good vs Test Result

AppScan Demo

Options:
  Throttle Test Speed
  Enable Flash / JavaScript
  Record Custom Logic
  Define Custom Error Pages (!!!)