Training offering

Fast Lane Deutschland

IBM Security AppScan Standard Fundamentals

Information

Length: 2.0 Days
Course code: TK400G
Delivery method: Classroom
Price: 1490 EUR
This training is available on request.
Please contact us by phone or email at :
+49 40 253346-10
info@flane.de

Overview

This course teaches you how to use IBM Security AppScan Standard effectively. The course demonstrates how to create web application and web services security scans as well as how to review and prioritize your scan results and create reports. You also learn how to optimize your scan so that it performs efficiently and accurately, and you learn about advanced techniques to help scan your applications. This course also introduces the various ways to customize Security AppScan Standard by using the Security AppScan Software Developer Kit (SDK) and eXtensions Framework (AXF).

Public

This basic course is for Web security auditors, Web developers and development managers, Quality assurance practitioners, Web testing and quality-assurance specialists.

Prerequisits

You should have:

  • Web application security knowledge
  • Completed Essentials of Web Application Security V2.0 (RT302)

Objective

  • Review the capabilities of Security AppScan Standard
  • Describe the potential risks of conducting an automated security scan
  • Configure and run a security scan
  • Compare manual and automatic exploration
  • Describe the process of analyzing scan results and using issue management
  • Review scan results, filter false positives, prioritize issues and communicate them to your stakeholders
  • Optimize your scan configuration and use advanced techniques to scan your web applications
  • Explain scan logs and messages, export a scan log, and troubleshoot scans
  • Create reports that are based on discovered security issues
  • Extend the functionality by using the Security AppScan Standard Software Development Kit (SDK) and eXtensions Framework (AXF)
  • Troubleshoot Security AppScan Standard

Topics

  • Unit 1: Security AppScan Standard overview
  • Unit 2: Installation and setup
  • Unit 3: Making the most of your installation
  • Unit 4: Configuring a scan
  • Unit 5: Running a scan
  • Unit 6: Reviewing scan results
  • Unit 7: Creating reports
  • Unit 8: Scanning Web 2.0 applications
  • Unit 9: Complex login and session management
  • Unit 10: Glass box and malware scanning
  • Unit 11: Content-based scanning
  • Unit 12: Optimizing your scan
  • Unit 13: Scanning web services
  • Unit 14: Extending Security AppScan Standard
  • Unit 15: Troubleshooting Security AppScan Standard