Source code testing tool AppScan Source Edition released

Building on the momentum of its recent acquisition of security vendor Ounce Labs, IBM introduced AppScan Source Edition, a new addition to its Web application security and compliance portfolio. This new version of AppScan provides a comprehensive solution for organizations concerned about correcting security vulnerabilities in applications before they go live, when they are less costly to fix.

Last year, 49 percent of all vulnerabilities were related to Web applications, and alarmingly, 67 percent of these vulnerabilities had no patch available. To address these attacks, businesses should take a more holistic approach to designing critical applications and services with security woven in at the earliest stages of development. The traditional “bolt-on” approach of adding on security after systems are developed or implemented is no longer effective.

The AppScan family combines the static code analysis testing expertise from Ounce Labs with Rational’s existing dynamic testing capabilities to allow organizations to adopt security analysis across the software development lifecycle (SDLC), from design, through coding and into production.

Designed to deliver faster analysis and better triage of results with greater accuracy, AppScan Source Edition offers expanded support for several development languages, the ability to manage more than one million findings and integrations that enable enterprise and regulatory compliance reporting and better collaboration. The AppScan product family is the only portfolio that offers both static and dynamic analysis testing in one solution.