IBM Security AppScan: For a Secured Application
Bangalore: IBM announced a new software- IBM Security AppScan to help organizations develop mobile applications that are more secured by design. Now, clients can build security into the initial design of their mobile applications so that vulnerabilities will be detected early in the development process.
As companies embrace the growing "Bring Your Own Device" (BYOD) trend, the need to secure the applications that run on these devices is becoming more critical. According to the 2011 IBM X-Force Trend and Risk Report, mobile exploits increased by 19 percent in 2011.
Security on the go
Mobile applications also come under attack from malware and phishing, or scanning QR codes with malicious scripts. The new AppScan analysis capabilities will find the vulnerabilities to help developers build more secure mobile applications.
Marc van Zadelhoff, vice president of Strategy and Product Management, IBM Security Systems said, “Providing clients with the ability to scan mobile applications for vulnerabilities--including applications developed in-house and outsourced is the next step of our mobile strategy. With more than 120,000 of our own employees accessing IBM's network through mobile devices, we have had to focus heavily on developing a way for employees to work safely and securely."
The capabilities of the new IBM Security AppScan are:
1. Integration with IBM's QRadar Security Intelligence Platform allows for increased Security Intelligence when an application is moved into production. By correlating known application vulnerabilities with user and network activity, QRadar can automatically raise or lower the priority score of security incidents.
2. A new Cross Site Scripting (XSS) analyzer which uses a learning mode to quickly evaluate millions of potential tests from less than 20 core tests. This new XSS analyzer finds more XSS vulnerabilities faster than any previous version of AppScan.
3. New static analysis capabilities help companies adopt broad application security practices through simplified on-boarding of applications and empowering non-security specialists to test faster than with prior releases.
4. Predefined and customizable templates that provide development teams the ability to quickly focus on a rule set prioritized by their security teams, helping corporations focus on key issues for them across their organization.
Post your Comment
All form fields are required.