Presentation is loading. Please wait.

Presentation is loading. Please wait.

Watchfire AppScan Web Application Security Software Omen Wild September 2007.

Published byRandell Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "Watchfire AppScan Web Application Security Software Omen Wild September 2007."— Presentation transcript:

1 Watchfire AppScan Web Application Security Software Omen Wild September 2007

2 AppScan Overview What is AppScan? What is AppScan? Software used by web developers, content managers, database administrators, and system administrators to check web applications for vulnerabilities Software used by web developers, content managers, database administrators, and system administrators to check web applications for vulnerabilities How is AppScan used? How is AppScan used? AppScan can be deployed in variety of application instances, including test, development and production AppScan can be deployed in variety of application instances, including test, development and production

3 AppScan Functionality Site crawl Site crawl Finds all linked pages Finds all linked pages Site check Site check Attacks web forms Attacks web forms SQL Injection SQL Injection Cross Site Scripting (XSS) Cross Site Scripting (XSS) Buffer Overflows Buffer Overflows Extensive reports Extensive reports

4 User Endorsement Brian Biehle Brian Biehle Supports the Academic Senate Supports the Academic Senate Scanned MySenate Scanned MySenate “You also have my full endorsement of AppScan and its effectiveness to uncover areas within a site that may pose security risks. The recommendations for resolving the issues within the reports generated from the scan have been very helpful as well.” “You also have my full endorsement of AppScan and its effectiveness to uncover areas within a site that may pose security risks. The recommendations for resolving the issues within the reports generated from the scan have been very helpful as well.”

5 AppScan Project Status UC Davis purchased Watchfire AppScan per existing UCOP agreement. The agreement includes: UC Davis purchased Watchfire AppScan per existing UCOP agreement. The agreement includes: 25 licenses for configuration, scanning and reporting features 25 licenses for configuration, scanning and reporting features 25 licenses for computer-based training 25 licenses for computer-based training On-site training for administrators and license holders On-site training for administrators and license holders Hardware is in place Hardware is in place Working with vendor for installation and training Working with vendor for installation and training

6 Implementation Plan & Estimated Timeline October 1 - 15: Watchfire staff available for implementation planning October 1 - 15: Watchfire staff available for implementation planning October 15 – November 2: Watchfire staff on-site for implementation assistance October 15 – November 2: Watchfire staff on-site for implementation assistance October 22 – 26: Watchfire staff on site for training October 22 – 26: Watchfire staff on site for training While this timeline my change slightly, AppScan on-site training will be completed no later than mid-November 2007 While this timeline my change slightly, AppScan on-site training will be completed no later than mid-November 2007

7 Next Steps Finalize license distribution plan and process Finalize license distribution plan and process Finalize training strategy and timeline Finalize training strategy and timeline Develop and implement communication plan Develop and implement communication plan

8 Questions?

Download ppt "Watchfire AppScan Web Application Security Software Omen Wild September 2007."

Similar presentations

Knowledge Pathways in IT

Knowledge Pathways in IT
Matthew Maderos Matthew Conlon Information Technology Massachusetts College of Art & Design NERCOMP.

Matthew Maderos Matthew Conlon Information Technology Massachusetts College of Art & Design NERCOMP.
CTS IT Security Enhancement Projects December 10, 2014.

CTS IT Security Enhancement Projects December 10, 2014.
P3, M2,M3,M4.

P3, M2,M3,M4.
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
November, 2010 RAM &ITS Telco with NRC to determine project plan & requirements for implementation of LTS May, 2011 Received LTS Lite & installation documents.

November, 2010 RAM &ITS Telco with NRC to determine project plan & requirements for implementation of LTS May, 2011 Received LTS Lite & installation documents.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
1 UC Davis Athletics Baseline Data, 2000 to 2005 Prepared at the Request of Janet Gong, Interim Vice Chancellor--Student Affairs Lora Jo Bossio, Interim.

1 UC Davis Athletics Baseline Data, 2000 to 2005 Prepared at the Request of Janet Gong, Interim Vice Chancellor--Student Affairs Lora Jo Bossio, Interim.
Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.

Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.
Chapter 4 Application Security Knowledge and Test Prep

Chapter 4 Application Security Knowledge and Test Prep
An Overview of the REMS TA Center’s EOP ASSIST Software Application.

An Overview of the REMS TA Center’s EOP ASSIST Software Application.
Software Licensing at UC Davis Information Resources Department Debbie Castanon, SLC Pat Kava, Client Services Manager Summer 2000.

Software Licensing at UC Davis Information Resources Department Debbie Castanon, SLC Pat Kava, Client Services Manager Summer 2000.
March Intensive: XSS Exploits

March Intensive: XSS Exploits
So You Want to Switch Course Management Systems? We Have! Come Find Out What We’ve Learned. Copyright University of Okahoma 2006. This work is the intellectual.

So You Want to Switch Course Management Systems? We Have! Come Find Out What We’ve Learned. Copyright University of Okahoma This work is the intellectual.
Project Implementation for COSC 5050 Distributed Database Applications Lab1.

Project Implementation for COSC 5050 Distributed Database Applications Lab1.
Duties of a system administrator. A system administrator's responsibilities typically include:

Duties of a system administrator. A system administrator's responsibilities typically include:
Web Application Testing with AppScan Terry Labach.

Web Application Testing with AppScan Terry Labach.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
User Services. Services Desktop Support Technical Support Help Desk User Services Customer Relationship Management.

User Services. Services Desktop Support Technical Support Help Desk User Services Customer Relationship Management.
Module 1: Installing Windows XP Professional. Overview Manually Installing Windows XP Professional Automating a Windows XP Professional Installation Using.

Module 1: Installing Windows XP Professional. Overview Manually Installing Windows XP Professional Automating a Windows XP Professional Installation Using.

Similar presentations

Ads by Google