IBM Security AppScan Enterprise v8.8 now available

Downloadable files


Abstract

IBM Security AppScan Enterprise Version 8.8 has been made generally available on the IBM Passport Advantage website.

Download Description

Tab navigation


This release is a full product download.

  • Passport Advantage clients: Passport Advantage and Passport Advantage Express clients are required to sign in to Passport Advantage Online to download the image.

  • Non-Passport Advantage clients: If your organization did not purchase your software and support through Passport Advantage or Passport Advantage Express, you are required to sign in to the new IBM Software Group OEM Portal to download the image.

    Note: This includes clients with Flexible Contract Type (FCT) license purchases and IBM Business Partners.

    For assistance with the IBM Software Group OEM Portal, visit the eCustomer care page.


Here are the main new features and enhancements in this release:

  • Enhanced encryption (support for TLS 1.2), and compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.
  • Leverage the scalability of the AppScan Enterprise Dynamic Analysis Scanner by importing and scheduling scans configured with the AppScan Standard desktop application.
  • Reuse functional QA test scripts and implement Dynamic Analysis security testing automation via new REST API interfaces.
  • More flexibility for configuring decentralized AppScan Enterprise administration via finer custom user type settings for adding, deleting, and editing users and groups.
  • Updated OWASP Top 10 (2013) report for identifying noncompliance issues.
  • Microsoft Windows Server 2012 support.
  • Windows authentication support for AppScan Source clients.

The following features were removed in this release:
  • Support for Windows 2003, XP, Vista and Internet Explorer 7
  • Support for Rational Team Concert™ 2.0.0.2
  • Support for Microsoft .NET 4.0
  • Web application file analysis for malware
  • Infrastructure scans and reports
  • Interaction tool for recording a login sequence
  • Custom functions for cookie/parameter tracking
  • Legacy Inventory reports - Website Technologies, Web Applications, Server Side Image Maps, Missing Alt Attribute, Multimedia Content, Image Catalog

Prerequisites

Supporting Documentation
Document Description
Detailed System Requirements A detailed list of the supported hardware, operating systems and information related to IBM and third party software requirements.
Information Center Browse or search on-line information related to the deployment, configuration and usage of the product.

Installation Instructions

A Planning & Installation Guide is included in the download package at IBM Passport Advantage. This document is also available at the IBM Publications Center.

URL LANGUAGE SIZE(Bytes)
AppScan Enterprise Planning Installation Guide English 691

Download package

These download packages are available at IBM Passport Advantage:


IBM Security AppScan Enterprise Server V8.8 Multiplatform Multilingual eAssembly (Part Number CRP3SML)
This download package includes:

  • Quick Start Guide - IBM Security AppScan Enterprise V8.8 Multilingual (Part Number CIQT1ML)
  • IBM Security AppScan Enterprise Server V8.8 Windows Multilingual (Part Number CIQT3ML)
  • IBM Security AppScan Enterprise Server V8.8 Linux Multilingual (Part Number CIQT4ML)
  • Rational License Server Key V8.1.4 Multilingual (Part Number CRP2XML)
  • IBM WebSphere Application Server V8.0 Multiplatform, Multilingual (Part Number CZM9HML, CZM9IML, CZM9JML, CZVG3ML)
  • IBM WebSphere Application Server V8.0 Supplements Multiplatform, Multilingual (Part Number CZM91ML, CZM94ML, CZM95M, CZXR9ML)
  • IBM Installation Manager V1.4.3.1 for Linux x86 Multilingual (required Install WebSphere Application Server V8.0) (Part Number CZM8XML)
  • IBM Installation Manager V1.4.3.1 for Windows x86 Multilingual (required Install WebSphere Application Server V8.0) (Part Number CZM90ML)

IBM Security AppScan Enterprise Dynamic Analysis Scanner V8.8 Multilingual eAssembly (Part Number  CRP3TML )
This download package includes:
  • Quick Start Guide - IBM Security AppScan Enterprise V8.8 Multilingual (Part Number CIQT1ML)
  • IBM Security AppScan Enterprise Dynamic Analysis Scanner V8.8 Windows Multilingual (Part Number CIQT2ML)

How critical is this fix?

Recommended

Problems solved

PM83554 ASE false-positive: SSL Certificate Domain Name Mismatch thrown for compound subjectAltName
PM88919 In-session check does not use updated param value of previous request when tracked dynamically
PM88952 ASE: Duplicate cookie values can cause out of session issues with a scan
PM89591 Error generating PDF report in ASE when using data from Source
PM89592 ASE Japanese Detailed Security Report shows incorrect Japanese
PM90490 Getting Error Code: 0x8004072c in ASE 8.7
PM90674 Suspending and resuming a job can result in an increasing entity count
PM90811 ASE dashboard shows mixed languages against Source import data
PM91650 ASE Multiple Issues with Detailed PDF reports in Japanese
PM91681 The requested name is valid, but no data of the requested type was found.
PM91997 Web Services browser for ASE 8.7 does not save the .zip file on Windows 7 and XP
PM92529 ASE 8.7.0.1: Retesting an issue results in "Incomplete".
PM93262 ASE: Typo in Cacheable SSL Page Found PV Fix Remediation text
PM93457 Cacheable SSL Page Remediation text is incomplete/incorrect
PM93638 ASE: Post processing slow with batch update from local db to central db over remote connection
PM94017 407-Proxy authentication failure error during manual explore
PM94053 ASE 8.7: Export Detailed Security Issues to PDF hangs.
PM94147 ASE default installation should configure Jazz with "Use Case Insensitive user ID matching" set to "true"
PM94481 "Scan task taking more time than expected" when server stopped responding to NTLM requests
PM94940 Data for CipherSuitsRef not copied to SQL
PM95173 ASE false positive: HTTP Request Forwarding (Web Proxy) Detected
PM95211 AppScan 8.7.0.0 - scans started on different agents than the designated agent
PM95282 ASE 8.7.0.0: Re-test of Web Services scan issue sits in 'Pending' state.
PM95547 XSS Probes response wrong analysis leads to slow scan and XSS vulnerability missing
PM96996 ASE: Manual Explore can throw Invalid URI: Invalid port specified error
PM97302 ASE: Attempts to delete a folder throw an error Folder cannot be deleted
PM92237 Compliance report "WASC Threat Classification" is not up to date
PM90261 Appscan Enterprise shows misleading message when all licenses are in use

Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
Passport Advantage 22 Oct 2013 English 3608958522 HTTPS

Technical support

Tab navigation


IBM Security Software Support Communities

  • Support Portal: Click the Support Portal tab above to begin configuring your support portal experience to review FAQs, lists of known problems, fixes, and a wealth of important support information.
  • IBM Security AppScan Enterprise Support

Helpful Hints For Obtaining Technical Assistance:

Before you contact IBM Security Software Support, gather the background information that you need to describe the problem. When you describe a problem to an IBM software support specialist, be as specific as possible and include all relevant background information so that the specialist can help you solve the problem efficiently. To save time, know the answers to these questions:

  • What software versions were you running when the problem occurred?
  • Do you have logs, traces, or messages that are related to the problem?
  • Can you reproduce the problem? If so, what steps do you take to reproduce it?
  • Is there a workaround for the problem? If so, be prepared to describe the workaround.

If you have helpful information to diagnose or identify the problem on your system, you can provide this data by following the instructions to exchange information with IBM Technical Support.


Problems (APARS) fixed
PM83554, PM88919, PM88952, PM89591, PM89592, PM90261, PM90490, PM90674, PM90811, PM91650, PM91681, PM91997, PM92529, PM93262, PM93457, PM93638, PM94017, PM94053, PM94147, PM94481, PM94940, PM95173, PM95211, PM95282, PM95547, PM96996, PM97302, PM92237

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Security AppScan Enterprise
Installation

Software version:

8.8

Operating system(s):

Linux, Windows

Reference #:

4035683

Modified date:

2013-11-20

Translate my page

Machine Translation

Content navigation