Kindly help me in solving these queries:
1. Benefit of using Glass box scan apart from revealing unreferenced parameters at application server. (In context with Fiddler, HTTPWatcher), what extra and unique information glass box scan provides.
2. The sample screen shots highlights class Name (DBUtil.class), what internal mechanism glass box scan use/ how it provides class name and most important- the SQL query. Does appscan use some decompiler? Kindly provide detailed information.
**Note: see attached Image: GlassBox.jpeg
3. Is it possible to customize standard compliance reports? If yes, How?
4. Information regarding dataset. Where AppScan stores vulnerability dataset?
5. Do AppScan collects any confidential information related to application?
6. Regarding Continuous integration with AppScan? Can it be integrated with Jenkins, SVN?
7. Support for testing RestFul Web Services?
8. Whether AppScan is capable of handling Flash based login? Like testing games build using Flash.