IBM Security AppScan Standard Fundamentals

This course is designed to give a basic proficiency in the use of AppScan Standard to scan web sites for vulnerabilities.

Profil uczestnika

Beginning AppScan users

Agenda

1. AppScan Standard Overview
2. Installation and setup
3. Preparing for your scan
4. Configuring your first scan
5. Reviewing the results
6. Reporting
7. Logging in and managing sessions
8. Optimizing your scan
9. Glass box scanning
10. Content-based scanning
11. Content-based scanning
12. Reviewing scan coverage
13. Scanning web services
14. Extending AppScan Standard
15. Troubleshooting AppScan

Wymagane przygotowanie uczestników

Before taking this course, make sure that you have the following skills:

• Familiarity with web application targeted attacks
• Familiarity with web site technologies
• Familiarity with basic internet protocols

Zagadnienia

• Explain the capabilities of Security AppScan Standard
• Describe the potential risks of conducting an automated security scan
• Configure and run a security scan
• Compare manual and automatic exploration
• Describe the process of analyzing scan results and using issue management
• Review scan results, filter false positives, prioritize issues, and communicate them to your stakeholders
• Optimize your scan configuration and use advanced techniques to scan your web applications
• Explain scan logs and messages, export a scan log, and troubleshoot scans
• Create reports that are based on discovered security issues
• Extend the functions by using the Security AppScan Standard Software Development Kit (SDK) and eXtensions Framework (AXF)
• Troubleshoot Security AppScan Standard