January 20, 2012

Rational AppScan

Many organizations depend on Web-based software to run their business processes, conduct transactions and deliver increasingly sophisticated services to customers.

Unfortunately, in the race to meet deadlines and stay ahead of the competition, many businesses fail to perform adequate security testing or take the time to make sure applications are in compliance with industry and regulatory standards.

The result is that many companies may unwittingly expose corporate or personal data to cybercriminals who can exploit these vulnerabilities for fun and profit—placing the entire business at risk. And since many regulatory requirements mandate a degree of application security, these organizations also run the risk of failing to meet compliance audit requirements, which can result in fines and customer backlash.

To help protect your company’s valuable assets, it’s important to test Web applications throughout their entire lifecycle—as they’re being developed and after they’re put into production.

IBM Rational® AppScan® software is a suite of marketplace-leading Web application security and compliance solutions that can help address the critical challenge of application security and compliance. The suite includes:

• IBM Rational AppScan Standard Edition
• IBM Rational AppScan Express Edition
• IBM Rational AppScan Tester Edition
• IBM Rational AppScan Developer Edition
• IBM Rational AppScan Build Edition
• IBM Rational AppScan Enterprise Edition
• IBM Rational AppScan Reporting Console
• IBM Rational AppScan OnDemand
• IBM Rational AppScan OnDemand Production Site Monitoring
• IBM Rational Web Based Training for AppScan

Stay On Top of Compliance Issues

The Rational AppScan offerings include compliance reports to help your company track its compliance with key industry and regulatory requirements, including National Institute of Standards and Technology Special Publication (NIST SP) 800-53, the Open Web Application Security Project (OWASP) Top 10, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley, Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA), Freedom of Information and Protection of Privacy Act (FIPPA) and Payment Application Best Practices (PABP).

Additionally, users can produce custom security reports and select which data points should be included in each report, making it possible to address critical compliance requirements.