Today's modern web applications are more than a match for most desktop PC applications and continue to push boundaries by taking advantage of limitless cloud services. But more powerful web applications means more complicated code, and the more complicated the code, the greater the risk of coding flaws — which can lead to serious security vulnerabilities within the application. Web application vulnerabilities face exploitation by relentless malicious actors, bent on profiteering from data theft, or gaining online notoriety by causing mischief. This article looks at securing web applications by adopting industry best application development practices, such as the OWASP Top 10 and using web application vulnerability scanning tools, like IBM Rational® AppScan®.
You might also be interested in:
IBM Security AppScan is a leading application security testing suite designed to help manage vulnerability testing throughout the software development lifecycle. IBM Security AppScan automates vulnerability assessments and scans and tests for all common web app vulnerabilities, including SQL injection, cross-site scripting, buffer overflow, and new flash/flex app and Web 2.0 exposure scans.
AppScan provides full coverage of the OWASP Top 10 for 2013. Our solution also includes support for industry-standard Transport Layer Security (TLS) protocol 1.2, and is compliant with Federal Information Publication Standard (FIPS) 140-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.
Download a trial version of AppScan Standard.