IBM Advanced Business Partner - Authorized Software Value Plus Tivoli

IBM Advanced Business Partner

IBM Rational AppScan
Application Security Testing and Risk Management

 

IBM Software
IBM Rational AppScan
IBM Rational AppScan Call for lowest Price! Get a Quote!

 

Overview:

Application Security Testing and Risk Management

IBM delivers the most complete portfolio of application-security and risk-management solutions. With advanced security testing and a platform managing application risk, the IBM Rational AppScan portfolio delivers the security expertise and critical integrations to application life-cycle management that empower enterprises to not just identify vulnerabilities, but also reduce overall application risk. The IBM Rational AppScan portfolio includes advanced static (white box) and dynamic (black box) analysis—as well as innovative technologies like glass-box testing and run-time analysis that keep up with the latest threats and drive precise, actionable results.

Product Editions:

  • AppScan Enterprise Edition - Enterprise-class solution for application security testing and risk management with governance, collaboration and security intelligence.
  • AppScan Source Edition - Adds source code analysis to AppScan Enterprise with static application security testing (SAST).
  • AppScan Standard Edition - Automated Web application security testing for IT Security, auditors, and penetration testers.
  • AppScan Tester Edition - Dynamic application security testing (DAST) solution specifically designed to integrate application security testing into QA environment with Rational Quality Manager.
  • Virtual Forge CodeProfiler for AppScan Source Edition - Extends AppScan Source Edition for static application security testing of SAP ABAP source code.

Compare Editions:

IBM® Rational® AppScan automates application security testing by scanning applications, identifying vulnerabilities and generating reports with intelligent fix recommendations to ease remediation.

Compare Editions
AppScan Edition Standard Enterprise Source
Overview Desktop solution to automate Web application security testing Multi-user solution providing simultaneous application security scanning and centralized reporting Static Application Security Testing (SAST) solution that integrate s security testing as part of the application development process
Intended Users Small security teams with several security testers All stakeholders of an application security initiative – management, security teams, development and QA. Development and Security teams
Deployment Desktop software Client/Server Client/Server
Dynamic Analysis Yes Yes  
Static Analysis JSX   Yes
Hybrid Analysis JSX Correlation Reporting  
Simultaneous Scans   Yes Yes
Web applications scanning Yes Yes Yes
Web services scanning Yes Yes Yes
Malware Scanning Yes Yes  
Non-Web Application     Yes
Reporting Local Enterprise-wide Local & Enterprise-wide