You will not hear sound until the host opens the audio line.

Presentation on theme: "You will not hear sound until the host opens the audio line."— Presentation transcript:

1 You will not hear sound until the host opens the audio line.
10/27/17 What's new in AppScan Standard. IBM Security support Open Mic.

To hear the WebEx audio, select an option in the Audio Connection dialog or access the Communicate > Audio Connection menu option. To ask a question by voice, you must either Call In or have a microphone on your device. You will not hear sound until the host opens the audio line. For more information, visit:

NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT YOU MAY MAKE DURING THE CALL, AS WELL AS TO IBM’S USE OF SUCH RECORDING IN ANY AND ALL MEDIA, INCLUDING FOR VIDEO POSTINGS ON YOUTUBE. IF YOU OBJECT, PLEASE DO NOT CONNECT TO THIS CALL. October 15, 2017

2 Scheduled Open Mics
- Nov 29th (today) - What's new in AppScan Standard version
- Dec 6th, What's new in AppScan Enterprise version
- Jan 17th, How to automate scanning with AppScan Enterprise
- Feb 21st, How to transfer a scan from AppScan Standard to ASE
- Mar 21st, How AppScan explores applications (ABE, RBE)

3 Panelists today:
- Ronen Bachar – Dev manager AppScan Standard
- Tammy Gelles – Dev lead in AppScan team
- Idan Slonimsky – Dev in AppScan team
- Aviv Feinstein – Dev in AppScan team
- Chen Ulmer – L3/Dev in AppScan team
- Joe Kiggen – Moderator – AppScan L2 Manager

4 Agenda
What's new in AppScan Standard version 9.0.3.7, released on November 15, 2017:
- Improved Session Detection UI
- New License Manager
- Explore data import
- Login export
- OS support: Supports Windows Server 2016
- Refresh Web Services test policy
- Tests for “Apache Struts 2” vulnerabilities

5 Improved Session Detection UI
A couple of improvements in the Scan Configuration > Login Management > Details dialog.
1) A drop-down menu is added to Detection Pattern to suggest other strings that are candidates for the in-session pattern, in case the current one is problematic. The pattern candidates are derived by comparing the response to the “in-session request” in its recorded “logged-in” state with the response received when “logged-out” (AppScan sends the request in the background without session IDs in order to make the comparison).

6 Improved Session Detection UI
2) The Select Detection Pattern dialog is improved (accessible from the Advanced pattern selection button). The improved dialog helps you choose a new in-session pattern.
- You now see the in-session request and response (when logged in) next to the out-of-session request and response you would get when logged out.
- The dialog also includes the new in-session pattern candidates drop-down (described on the previous page), so you can easily select a new pattern.
- Helpful remarks, with suggestions, have been added to the top of the dialog.
- A pager enables you to scroll between requests without leaving the dialog.
- Advanced users can check whether AppScan correctly handled the session IDs by looking at the request AppScan sent as “logged-out”. If the session IDs were not removed from the request, you might have a problem in the session IDs / custom headers configuration.
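
The comparison described on slides 5 and 6, sketched as an added example (not part of the presentation and not AppScan's own algorithm): candidates are strings found only in the logged-in response, a pattern that also matches the logged-out response is a bad one, and the "logged-out" request is checked for leftover session IDs. The sample responses, the `JSESSIONID` cookie name and all function names are constructed for illustration.

```python
import re
from http.cookies import SimpleCookie

# Constructed responses to the same "in-session request" (not real traffic).
LOGGED_IN = """<html><body><h1>Acme Bank</h1>
<p>Welcome, jsmith</p><a href="/logout">Sign Off</a>
<a href="/account">My Account</a></body></html>"""
LOGGED_OUT = """<html><body><h1>Acme Bank</h1>
<p>Welcome, guest</p><a href="/login">Sign In</a></body></html>"""


def text_fragments(html):
    """Split a response body into quoted attribute values and visible text runs."""
    parts = re.findall(r'"([^"]+)"|>([^<>]+)<', html)
    return {(a or b).strip() for a, b in parts if (a or b).strip()}


def pattern_candidates(logged_in, logged_out):
    """Fragments present when logged in that never occur when logged out."""
    return sorted(f for f in text_fragments(logged_in) if f not in logged_out)


def is_good_pattern(pattern, logged_in, logged_out):
    """A usable in-session pattern matches only the logged-in response."""
    return pattern in logged_in and pattern not in logged_out


def leftover_session_ids(request_headers, session_id_names):
    """Session cookies still present in the request sent as 'logged-out'.

    A non-empty result means the session IDs were not stripped, so the
    logged-out comparison (and any pattern derived from it) is unreliable.
    """
    jar = SimpleCookie(request_headers.get("Cookie", ""))
    return sorted(name for name in session_id_names if name in jar)


if __name__ == "__main__":
    print(pattern_candidates(LOGGED_IN, LOGGED_OUT))
    print(is_good_pattern("Welcome", LOGGED_IN, LOGGED_OUT))  # in both states
    print(leftover_session_ids({"Cookie": "JSESSIONID=abc123; lang=en"},
                               ["JSESSIONID"]))
```

A candidate such as "Welcome, jsmith" is tied to one account, so a string like "Sign Off" that any logged-in user would see is the safer choice.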

7 Select Detection Pattern dialog with a good pattern example

8 Select Detection Pattern dialog with a bad pattern example

9 New License Manager
- AppScan uses RCL (Rational Common Licensing) for license management.
- In AppScan Standard and before, LKAD (an RCL tool) is used to point AppScan to its licenses.
- LKAD takes over 500 MB in the AppScan installation.
- LKAD has a few defects and some installation problems.
- In AppScan Standard , LKAD is replaced with License Manager. License Manager works directly with the RCL APIs.

10 New License Manager
The main panel of the License Manager is available under: Help > License > Open AppScan License Manager. In the panel, you will see all available AppScan Standard licenses (which have been configured in the License Configuration dialog).

11 New License Manager
The License Configuration dialog (accessible by clicking the License Configuration button on the main panel) allows you to configure where licenses are pulled from:
- a Node-Locked license, by selecting a file
- a floating license, by providing a host and port for a License Server
Note: You can specify multiple license files or License Servers.

12 New License Manager
Additional information:
- AppScan Standard does NOT use LKAD. AppScan will use only licenses configured with License Manager.
- On upgrade from a previous version of AppScan Standard, AppScan will automatically import the LKAD license configuration into License Manager.
- The size of the AppScan installation file will drop by over 500 MB.
- A Node-Locked License file name can’t contain characters in other languages (only ASCII characters are supported).

13 Explore data import
AppScan Standard supports the following traffic file formats when importing data with File > Import > Explore Data:
- .har (HTTP Archive)
- .dast.config or .config
- .exd (supported in previous versions of AppScan)
AppScan CMD supports the new traffic file formats as well, for instance: AppScanCMD.exe /manual_explore_file myFile.har

14 Explore data import
Added value:
- The .har format is well known. It can be created easily with common browsers, e.g. Chrome, Firefox.
- It is now easier to record traffic with a third-party tool and then import it into AppScan.
- The .dast.config file can be created with the AppScan proxy server tool (not bundled with AppScan Standard).
Note: The .config format is the same as the .dast.config format. It contains one or more .har files.

15 Login Export
When you export a login recording, the file will now include:
- configured custom headers,
- form filler fields, and
- HTTP authentication information,
in addition to session management information as previously. This will allow the login to work better.
Note: When importing a login recording with a new property, the property will be added to the existing Form Fill. Old properties will remain, and their values will be updated from the login file.

16 Tests for “Apache Struts 2” vulnerabilities
AppScan Standard includes tests for the following Apache Struts 2 command execution vulnerabilities:
- CVE
- CVE
- CVE
These tests are controllable via the test policy:

17 Questions for the panel
Now is your opportunity to ask questions of our panelists.
To ask a question now:
- Raise your hand by clicking Raise Hand. The Raise Hand icon appears next to your name in the Attendees panel on the right in the WebEx Event. The host will announce your name and unmute your line.
- or type a question in the box below the Ask drop-down menu in the Q&A panel. Select All Panelists from the Ask drop-down menu. Click Send. Your message is sent and appears in the Q&A panel.
To ask a question after this presentation: You are encouraged to participate in the dW Answers forum:

18 Where do you get more information?
- Questions on this or other topics can be directed to the product forum:
- AppScan Standard download link:
- AppScan Standard versions available:
- Security Learning Academy:
Useful links:
- Get started with IBM Security Support
- IBM Support Portal | Sign up for “My Notifications”
- FREE learning resources on the Security Learning Academy
Follow us:


20 What's new in AppScan Standard 9.0.3.7