Watchfire AppScan 7.5 web application security solution released

Watchfire introduced their new web application security solution, Watchfire AppScan 7.5. AppScan7.5 introduces the AppScan eXtensions Framework (AXF) to harness the power of Watchfire’s patented application scanning engine. Coupled with Pyscan, a new AppScan Python-Scripting based web application security testing platform, security professionals can rely on AppScan 7.5 to customize, extend and create their own custom testing solution that uses the core technology of AppScan to accomplish specific security-related tasks. In addition, the company also launched the AppScan eXtensions open source community that lets security professionals benefit from the expertise of all AppScan users.
 
“With AppScan 7.5, Watchfire has really opened up the full power of the AppScan engine to our users,” said Michael Weider, founder and chief technology officer of Watchfire. “With a customer base that makes up nearly a third of the global market share, our customers have great ideas on how to customize AppScan to even better address the unique challenges they face on the front lines of security every day.  Watchfire’s eXtensions community and website is all about innovation. Our customers can now create and share their own extensions, and collaborate together on new ways to leverage the new open flexibility of AppScan.”
 
Samples of AppScan eXtensions immediately available for download today include:
 
·         QA Defect Logger – Export security defects into leading quality assurance issue-tracking systems including HP Quality Centerâ„? and IBM Rational ClearQuest;

·         Microsoft Visual Studio Team System Defect Export – Export issues from AppScan directly into Visual Studio Team System (created by Dan Cornell, Denim Group);

·         WordReporter – Generate customized and editable reports based on Microsoft Word templates;

·         Mail-E-Vent – Receive email notifications when certain AppScan events occur during the scan;

·         HTTPScout – Leverage NMAP to locate open HTTP or HTTPS ports on the scanned web server, adding them to the current scan configuration with a single click;

·         DirectoryList-To-EXD – Import a list of any files from the web server including web pages, include files and others into AppScan to improve coverage (created by Dennis Rand, Jyske Bank A/S);

·         QuickSearch Extension – Search issue types with a right click, covering online databases like Google, SecurityFocus and others (created by Oliver Ng, Deloitte & Touche LLP).
Â