Features and benefits
Embed Security Testing seamlessly into your Development Environment
Rational AppScan Developer Edition lets developers invoke Web application security testing from within their development environment in a non-disruptive fashion. Designed as a complement to the Rational AppScan family of security testing solutions, it enables the development organization to address the volume of security issues that can be introduced in code. The improved development lifecycle workflow can now avoid the costly security testing bottleneck that inevitably occurs at the end of the release cycle and often disrupts the scheduled release plan.
Benefits
Comprehensive Security Analysis combining Dynamic, Static & Runtime Analysis, providing unmatched coverage of potential security issues for web applications
Next-Generation Accuracy via new patent-pending String Analysis, Developer Essentials test policy and the correlation of Static & Dynamic Analysis, greatly reducing the likelihood of false positives
Unparalleled Ease of Use with zero-configuration Static Analysis, making efficient and accurate security testing possible for Developers
Identification of line-of-code location for Black-Box Issues: the Runtime Analysis-based Execution Flow provides textual and graphical insight, greatly simplifying the understanding and remediation of those issues
Self-Serve Security Testing for Developers through built-in Flash-based training, accurate and prioritized results pointing straight to the line of code, and detailed remediation advice complete with code samples
Seamless integration into the development process through deep integration with Rational Application Developer and Eclipse, and team collaboration through Rational ClearQuest and source-control systems
Completes the Rational AppScan End-to-End security solution by enabling the security team to establish and control scanning permissions and policies, and by giving Security & QA teams a way to pass reproducible vulnerability issues back to development for remediation and verification
