What's new in AppScan Standard version
|
|
- Sharon French
- 6 years ago
- Views:
Transcription
1 What's new in AppScan Standard version IBM Audio Security Connection support dialog by Open access Mic the Slides and more information: February 22, 2017 IBM Security To hear the WebEx audio, select an option in the Communicate > Audio Connection menu option. To ask a question by voice, you must either Call In or have a microphone on your device. For more information, visit: NOTICE: By participating in this call, you give your Irrevocable consent to IBM to record any statements that you may make during the call, as well as to IBM s use of such Recording in any and all media, including for video postings on YouTube. If you object, please do not connect to this call.
2 Presenters: Ronen Bachar - AppScan Standard Dev Manager Shay Ophir - AppScan SW Engineer Idan Slonimsky - AppScan SW Engineer Lior Margalit - AppScan L3 Team lead Daniel Dubnikov - AppScan Engine Team Lead Panelist: Joe Lacy - AppScan Support Engineer Scott Hurd - AppScan Support Engineer Marek Stepien AppScan Knowledge Leader Moderator: Joe Kiggen AppScan and SKLA Support Manager IBM Security
3 Agenda: What's new in AppScan Standard version Product overview Action Based Multi-Step (ABMS) ASoC Integration AppScan commands improvements XSS testing with a Browser New compliance report GDPR IBM Security
4 Product Overview Customer Profiles Customers with a limited knowledge on either AppScan or security may run a scan easily Customers with limited resources can perform multiple scans Benefits Security scanning on cloud: A scalable solution to scan many apps easily Centralized management of your apps and results Scan Enablers verify coverage/in-session and security perspective Customer s machine isn t occupied during scan Scalable solution, allows concurrent scans Centralize your tested apps and scan results Action Base Multi-Step: Better support of RIA apps, especially in case apps with workflows Relatively easy to setup
5 Action-Based Multi-Step Operation (ABMS) Introduction Action-Based Advantages How to record Action-Based Sequence How to test Action-Based Multi-Step Operation Defining sequence variables Limitations
6 ABMS Introduction Scan Configuration > Multi-step Operations
7 ABMS Introduction Multi-step operation is enhanced with action based mechanism (Action-Based Multi-Step). This mechanism is based on the actions the user performs in the applications (the same as Action based login), rather than the traditional mechanism, which relies on recorded HTTP Requests. Action-based approach simplify configuration and provide a solution in cases where Request-Based Multi-Step fails.
8 Advantages of ABMS ABMS utilizes a real browser hence is free of many request-based limitations, since the browser does the client-side work. ABMS enables tracking parameters that are updated on client side (JS). With Request-based we track parameters from the response or the previous requests (but we could not track parameters that were updated on the tested request). ABMS simplifies the configuration. No need to use custom response, custom header response. Since the browser generates the correct parameters, cookies and headers, we can copy them from the browser to the mutated test request.
9 Advantages of ABMS ABMS enables better step validation. Browsers give a better representation of actual user actions. You can see if the actions played correctly with your own eyes by enabling browser-visible mode. ABMS utilizes a Browser's JS engine (don t need JSX). Browsers are up-to-date with the latest technologies.
10 How to record Action-Based Sequence Recording of the sequence is the same as recording the request-based sequence: 1. Set starting URL. 2. In Multi-Step Operation select: Login and then record or Record (without login) 3. Record the multi-step actions in the browser.
11 How to record Action-Based Sequence After closing the browser the sequence will be added to Multi Step Operations The sequence is recorded as a Request-based sequence
12 How to record Action-Based Sequence Select the Action-based option in the Playback Method section. Click Validate to validate the recording You may turn the Tracked option on the relevant parameters/cookies before the validation
13 Action-based mode description The Recorded Browser Actions panel shows the actions that were executed before each request The actions can be edited (as in Action-based Login).
14 How to test ABMS Start testing in the same way as with Request-based in previous versions of AppScan, for example with: Scan > Test Multi-Step Operations Only.
15 How to test ABMS You may also test using the Request-based method by switching Playback Method before starting the test. The selected playback method applies to all the multi-step sequences.
16 How to record and test ABMS short demo
17 Defining sequence variables in ABMS Define a sequence variable as follows 1. Right-click on the action and select Set a dynamic value. 2. Set the parameter as tracked.
18 ABMS Limitations ABMS is slow due to the need to open the browser for each test. You can reduce the time by choosing Don t test for requests that you do not need to test. ABMS playback does not support all sites. Play optimization is not available. When using Login and then record, ABMS does not check in-session, and login actions are performed in each test. Validation verifies only that all actions were performed properly, but does not validate the requests. External browser is not supported.
19 ASoC Integration AppScan Standard integration with ASoC ASoC stands for IBM Application Security on Clouds
20 ASoC Integration You can create a new scan in the cloud (ASoC) directly from AppScan Standard with: File > Export > Upload Scan to Application Security on Cloud
21 ASoC Integration - login There are two ways to login into AsoC from AppScan Standard: 1) With a User ID and Password 2) With Key ID and Key Secret (mainly used by federated users) Key ID and Secret can be generated from ASoC
22 ASoC Integration After login, you will be asked to Select an Application
23 ASoC Integration After selecting an application, you will get a dialog to define the basic configurations of the scan If needed, you can select a PSS (Private Site Scan) If a PSS is inactive its name will be shown in red with the suffix '(inactive)'. More information on PSS you can find at: PSS
24 ASoC Integration When clicking Upload and Run, the scan will be uploaded into ASoC, and ASoC will use the scan template and explore data from the scan to create a new scan, and will run it. Scan results will be created on ASoC (currently not possible to view the results in AppScan Standard) If the AppScan Standard scan already had results they will be cleared in ASoC.
25 ASoC Integration You can select the Test Only option only when the scan has Manual Explore data or Multi-Step Operations. Limitation: ASoC supports scan files up to 2GB
26 ASoC Integration Handling of Proxy ASoC Integration does not apply the AppScan Standard proxy that is defined at Scan Configuration > Communication and Proxy ASoC integration tries first to connect to the ASoC server without any proxy. If it fails, then Internet Explorer Proxy Settings are used.
27 New CLI commands CLI stands for Command Line Interface
28 New CLI commands AppScanCMD.exe /su " /cr "jsmith:demo1234" Ability to incorporate AppScanCMD in fully automated processes (such as Selenium QA). You can now set AppScan to Automatic Login, and define username and password for a scan, overriding any template settings. You no longer need to open AppScan manually to do this. AppScanCMD.exe /su " /cre "jsmith:demo1234" /to /mmer /opr /lp "53262" /so When opening the AppScan recording proxy using AppScanCMD, you can now save manual explore sequences to use later, without starting the scan.
29 XSS testing with a Browser The function is added to AppScan Standard , but it is not enabled by default. The feature has not been tested thoroughly, then if needed, it should be used with caution.
30 XSS testing with a Browser <p>here are the results for: <b>searchterm</b></p>
31 XSS testing with a Browser <p>here are the results for: <b><script>alert(666)</script></b></p>
32 XSS testing with a Browser <script> // Get the value of the p parameter var sterm = window.location.search.substr(3); </script>... <p>here are the results for: <b><script>document.write(sterm)</script></b></p>
33 XSS testing with a Browser <script> // Get the value of the p parameter var sterm = window.location.search.substr(3); </script>... <p>here are the results for: <b><script>document.write(sterm)</script></b></p>
34 XSS testing with a Browser Newer web technologies require complex JavaScript execution and page rendering in order to detect XSS vulnerabilities Sometimes parts of the page, and reflected data, are received asynchronously using AJAX In order to still detect these XSS vulnerabilities we are now utilizing a browser during our XSS tests Running the XSS detection on a browser s output can increase our detection capabilities and also decrease FP and FN results No changes will be required in order to support new upcoming web technologies
35 XSS testing with a Browser XSS tests that use a browser are the XSS Analyzer tests Browser testing acts as an extra validation only when the normal XSS detection fails Probes are used to prevent excessive redundant testing Issues are reported similarly to normal XSS tests, with a special header indicating that the response was rendered by a browser
36 XSS testing with a Browser If you need the feature, you can turn it on manually by setting the SendTestsUsingBrowser switch to True in the scan template. Contact AppScan Support if you need help with turning it on. The feature has not been tested thoroughly, then it is not supported in If having any issue with the feature, then the resolution may be turning it off.
37 Compliance Report - GDPR General Data Protection Regulation GDPR This Regulatory Compliance report can be generated through AppScan. [EU] Regulation 2016/679 Of The European Parliament And Of The Council (GDPR) Compliance Report
38 Questions for the panel Now is your opportunity to ask questions of our panelists. To ask a question now: Press *1 to ask a question over the phone or Type your question into the IBM Connections Cloud Meeting chat To ask a question after this presentation: You are encouraged to participate in our Forum on this topic - IBM Security
39 Where do you get more information? Header content 1 header content 2 Questions on this or other topics can be directed to the product forum: AppScan Standard forum Useful links: AppScan Standard Fix Pack 5 at Fix Central AppScan Standard versions available Get started with IBM Security Support IBM Support Portal Sign up for My Notifications Follow us: IBM Security
40 THANK YOU FOLLOW US ON: securityintelligence.com xforce.ibmcloud.com Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party. IBM Security
How AppScan explores applications with ABE and RBE
How AppScan explores applications with ABE and RBE IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationWhat's new in AppScan Standard/Enterprise/Source version
What's new in AppScan Standard/Enterprise/Source version 9.0.3.4 support Open Mic Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA
More informationAnalyzing Hardware Inventory report and hardware scan files
Analyzing Hardware Inventory report and hardware scan files IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by
More informationUnderstanding scan coverage in AppScan Standard
IBM Security AppScan Standard Open Mic Webcast January 27, 2015 Understanding scan coverage in AppScan Standard Panelists Shahar Sperling Software Architect at Application Security AppScan Tal Rabinovitch
More informationIBM Security Identity Manager New Features in 6.0 and 7.0
IBM Security Identity Manager New Features in 6.0 and 7.0 IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationUsing Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting
Using Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationHTTP Transformation Rules with IBM Security Access Manager
HTTP Transformation Rules with IBM Security Access Manager IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIntroduction to IBM Security Network Protection Manager
Introduction to IBM Security Network Protection Manager IBM SECURITY SUPPORT OPEN MIC Slides are at: https://ibm.biz/bdscvz NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM
More informationBigFix Query Unleashed!
BigFix Query Unleashed! Lee Wei IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu option. To
More informationMore on relevance checks in ILMT and BFI
More on relevance checks in ILMT and BFI IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate
More informationRemote Syslog Shipping IBM Security Guardium
Remote Syslog Shipping IBM Security Guardium IBM Security support Open Mic To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu
More informationConfiguring your policy to prevent appliance problems
Configuring your policy to prevent appliance problems IBM Security Guardium IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Security Network Protection
IBM Security Network Protection XGS 5.3.3 firmware release Features and Enhancements IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web
More informationIBM Security Access Manager Single Sign-on with Federation
IBM Security Access Manager Single Sign-on with Federation IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationDeploying BigFix Patches for Red Hat
Deploying BigFix Patches for Red Hat IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationInterpreting relevance conditions in commonly used ILMT/BFI fixlets
Interpreting relevance conditions in commonly used ILMT/BFI fixlets IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog
More informationQRadar Open Mic: Custom Properties
November 29, 2017 QRadar Open Mic: Custom Properties IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationDisk Space Management of ISAM Appliance
IBM Security Access Manager Tuesday, 5/3/16 Disk Space Management of ISAM Appliance Panelists David Shen Level 2 Support Engineer Steve Hughes Level 2 Support Engineer Nicholas Hasten Level 2 Support Engineer
More informationIBM Security Guardium: : Sniffer restart & High CPU correlation alerts
IBM Security Guardium: : Sniffer restart & High CPU correlation alerts IBM SECURITY SUPPORT OPEN MIC, presented by Lisette Contreras, Guardium Support To hear the WebEx audio, select an option in the Audio
More informationIBM Security Network Protection Open Mic - Thursday, 31 March 2016
IBM Security Network Protection Open Mic - Thursday, 31 March 2016 Application Control and IP Reputation on the XGS Demystified Panelists Tanmay Shah, Presenter IPS/Network Protection Product Lead Bill
More informationMSS VSOC Portal Single Sign-On Using IBM id IBM Corporation
MSS VSOC Portal Single Sign-On Using IBM id Changes to VSOC Portal Sign In Page Users can continue to use the existing Client Sign In on the left and enter their existing Portal username and password.
More informationLet s Talk About Threat Intelligence
Let s Talk About Threat Intelligence IBM SECURITY SUPPORT OPEN MIC #20 Slides and additional dial in numbers: http://ibm.biz/openmic20 January 26, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR
More informationISAM Advanced Access Control
ISAM Advanced Access Control CONFIGURING TIME-BASED ONE TIME PASSWORD Nicholas J. Hasten ISAM L2 Support Tuesday, November 1, 2016 One Time Password OTP is a password that is valid for only one login session
More informationSecurity Support Open Mic: ISNP High Availability and Bypass
Panelists Ed Leisure Knowledge Engineer, Presenter Andrew Sallaway SWAT Consultant Kenji Hamahata L2 Engineer (Japan) Maxime Turlot Product Lead Arthur Testa Product Lead Jeff Dicostanzo Advanced Value
More informationIBM Threat Protection System: XGS - QRadar Integration
IBM Security Network Protection Support Open Mic - Wednesday, 25 May 2016 IBM Threat Protection System: XGS - QRadar Integration Panelists Tanmay Shah - Presenter Level 2 Support Product Lead Danitza Villaran-Rokovich,
More informationIBM Security Support Open Mic
IBM Security Support Open Mic LET S TALK ABOUT QRADAR 7.2.8 FEATURES Connect to WebEx Audio by selecting an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu
More informationXGS: Making use of Logs and Captures
IBM Security Network Protection XGS Open Mic webcast #6 June 24, 2015 XGS: Making use of Logs and Captures Panelists Bill Klauke (Presenter) Product Lead L2 Support Maxime Turlot Product Lead L2 Support
More informationISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.
ISAM Federation STANDARDS AND MAPPINGS Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support July 19, 2017 Agenda ISAM Federation Introduction Standards and Protocols Attribute Sources
More informationIBM BigFix Relays Part 1
IBM BigFix Relays Part 1 IBM SECURITY SUPPORT OPEN MIC November 19, 2015 Revised March 2, 2018 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT
More informationXGS Administration - Post Deployment Tasks
IBM Security Network Protection Support Open Mic - 18 November 2015 XGS Administration - Post Deployment Tasks Panelists Tanmay Shah XGS Product Lead, L2 Support (Presenter) Thomas Gray L2 Support Manager
More informationIBM Security Access Manager What s in the box : InfoMap Authentication Mechanism IBM SECURITY SUPPORT OPEN MIC. 13 Dec 2017
IBM Security Access Manager What s in the box : InfoMap Authentication Mechanism IBM SECURITY SUPPORT OPEN MIC 13 Dec 2017 IBM Security Learning Academy www.securitylearningacademy.com New content published
More informationIBM Security Guardium: Troubleshooting No Traffic Issues
IBM Security Guardium: Troubleshooting No Traffic Issues IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions
IBM Security Access Manager open mic webcast July 14, 2015 IBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions Panelists Gianluca Gargaro L2 Support Engineer Darren Pond L2
More informationJunction SSL Debugging With Wireshark
Junction SSL Debugging With Wireshark IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu option.
More informationXGS & QRadar Integration
IBM Security Support Open Mic - January 28, 2015 XGS & QRadar Integration Advanced Threat Protection Integration Options Panelists Wes Davis Advanced Threat Support Group Engineer (Presenter) Thomas Gray
More informationIBM Security Network Protection v Enhancements
IBM Security Network Protection v5.3.3.1 Enhancements IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationSecurity Support Open Mic Build Your Own POC Setup
IBM Security Access Manager 08/25/2015 Security Support Open Mic Build Your Own POC Setup Panelists Reagan Knowles Level II Engineer Nick Lloyd Level II Support Engineer Kathy Hansen Level II Support Manager
More informationIBM BigFix Client Reporting: Process, Configuration, and Troubleshooting
IBM BigFix Client Reporting: Process, Configuration, and Troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Security Access Manager v8.x Kerberos Part 2
IBM Security Access Manager open mic webcast - Oct 27, 2015 IBM Security Access Manager v8.x Kerberos Part 2 Kerberos Single Sign On using Constrained Delegation Panelists Gianluca Gargaro L2 Support Engineer
More informationQRadar Feature Discussion IBM SECURITY SUPPORT OPEN MIC
QRadar 7.2.7 Feature Discussion IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationSecurity Support Open Mic Client Certificate Authentication
IBM Security Access Manager, Tuesday, December 8, 2015 Security Support Open Mic Client Certificate Authentication Panelists Jack Yarborough ISAM Level II Nick Lloyd ISAM Level II Scott Stough ISAM Level
More informationOptimizing IBM QRadar Advisor with Watson
Optimizing IBM QRadar Advisor with Watson IBM SECURITY SUPPORT OPEN MIC #25 Slides and additional dial in numbers: http://ibm.biz/openmic25 June 8, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationHow to Secure Your Cloud with...a Cloud?
A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1 A New Era of Thinking Agenda IBM Cloud
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationIBM Application Security on Cloud
April, 2017 IBM Application Security on Cloud Service Overview Security has and will always be about understanding, managing, and mitigating the risk to an organization s most critical assets. - Dr. Eric
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationBigFix 101- Server Pricing
BigFix 101- Server Pricing Licensing in a Nutshell BigFix is included with AIX Enterprise Edition (AIX EE). If you have AIX EE on a system, all the cores on that system are covered and any LPAR running
More informationIBM MaaS360 Kiosk Mode Settings
IBM MaaS360 Kiosk Mode Settings Configuration Settings for Kiosk Mode Operation IBM Security September 2017 Android Kiosk Mode IBM MaaS360 provides a range of Android device management including Samsung
More informationIBM Security Identity Governance and Intelligence Clustering and High Availability
IBM Security Identity Governance and Intelligence Clustering and High Availability IBM SECURITY SUPPORT Luigi Lombardi: luigi.lombardi@it.ibm.com Gianluca Gargaro: g.gargaro@it.ibm.com Raffaele Sperandeo:
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationIBM Guardium Data Encryption
IBM Guardium Data Encryption RELEASE TAXONOMY FOR LINUX/AIX/WINDOWS 10-October-2018 GDE Taxonomy Version V.0.0.0 Major V.R.0.0 Mod V.R.M.0 SSE V.R.M.F Fixpack V.R.M.F Cadence 36-48 Months 12-15 Months
More informationSWD & SSA Updates 2018
SWD & SSA Updates 2018 Stephen Hull STSM, BigFix Development 04/09/2018 Latest SWD & SSA features What s shiny and new? SWD Support multiple tasks for a software pkg Install, Update, Uninstall, etc Export/Import
More informationLet's talk about QRadar Apps: Development & Troubleshooting IBM SECURITY SUPPORT OPEN MIC
Let's talk about QRadar Apps: Development & Troubleshooting IBM SECURITY SUPPORT OPEN MIC Slides and additional dial in numbers: http://ibm.biz/joinqradaropenmic August 23, 2017 NOTICE: BY PARTICIPATING
More informationHow to properly deploy, configure and upgrade the NAB
Panelists Jeff DiCostanzo, Presenter AVP Team Lead Bill Klauke - Level 2 Product Lead Maxime Turlot - Level 2 Product Lead Ryan Andersen - Level 2 Senior Engineer Edward A Romero - Level 3 Network Security
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationSecuring global enterprise with innovation
IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018 Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And
More informationThreat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES
Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Agenda Welcome Threat Intelligence EcoSystem Cyber Resiliency
More informationIBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation
IBM Security Endpoint Manager- BigFix Daniel Joksch Security Sales Establish security as an immune system Malware protection Incident and threat management Identity management Device management Data monitoring
More informationThe New Era of Cognitive Security
The New Era of Cognitive Security IBM WATSON SUMMIT KANOKSAK RATCHAPAT Senior Technical Sales 1 Today s security challenges ACTORS TARGETS VECTORS REALITY Organized Crime Healthcare Ransomware Cloud, mobile,
More informationIBM Security Directory Server: Utilizing the Audit.log
IBM Security Directory Server Open Mic Webcast #1 November 4, 2014 IBM Security Directory Server: Utilizing the Audit.log Panelists Roy Spencer L2LDAP Technical Lead Ram Reddy L2LDAP Senior Engineer Benjamin
More informationConfiguring zsecure To Send Data to QRadar
Configuring zsecure To Send Data to QRadar CONFIGURATION, SETUP, AND EXAMPLES Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free:
More informationIBM BigFix Relays Part 2
IBM BigFix Relays Part 2 IBM SECURITY SUPPORT OPEN MIC December 17, 2015 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT YOU MAY MAKE DURING
More informationIBM Cloud IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR Leader VMware on IBM Cloud VMworld 2017 Content: Not for publicati
LHC2432BU IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR Leader VMware on IBM Cloud #VMworld IBM Cloud IBM Cloud for VMware Solutions Zeb Ahmed Senior Offering Manager and BCDR
More informationSecuring communication between SDS VA and its remote DB2 DB
Securing communication between SDS 8.0.1 VA and its remote DB2 DB IBM SECURITY SUPPORT OPEN MIC PRESENTATION Ramamohan T Reddy - Senior Software Engineer / L2 Team Tech Lead - Directory Support Team Brook
More informationGX vs XGS: An administrator s comparison of the two products
: An administrator s comparison of the two products Panelists Bill Klauke IPS Product Lead, Level 2 Support Matthew Elsner XGS Development Yuceer (Banu) Ilgen XGS Development Jeff Dicostanzo AVP Support
More informationIdentity Governance Troubleshooting
Identity Governance Troubleshooting Chris Weber Level 2 support, IBM Security May 16, 2017 Identity Governance Troubleshooting Support Files contents Accessing different logs and other files though the
More informationIBM Security Access Manager
IBM Access Manager Take back control of access management with an integrated platform for web, mobile and cloud Highlights Protect critical assets with risk-based and multi-factor authentication Secure
More informationVersion Moodle Module v3.0 for Web Conferencing Configuration and Installation Guide
Version 12.5 Moodle Module v3.0 for Web Conferencing Configuration and Installation Guide June 1, 2013 Table of Contents Preface 1 Purpose of This Guide 1 Audience 1 Help and Other Resources 2 Technical
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationApplication Security through a Hacker s Eyes James Walden Northern Kentucky University
Application Security through a Hacker s Eyes James Walden Northern Kentucky University waldenj@nku.edu Why Do Hackers Target Web Apps? Attack Surface A system s attack surface consists of all of the ways
More informationAppScan Standard Integrated with Application Security on Cloud
AppScan Standard Integrated with Application Security on Cloud Jia Li Chen cjiali@cn.ibm.com Wei Wei Zhang zhweiwei@cn.ibm.com Cheng-Yu Yu ychengyu@tw.ibm.com Version 2, February 15, 2017 Abstract: AppScan
More informationBe effective in protecting against the cybercrime
Be effective in protecting against the cybercrime INTEGRATED SECURITY FOR A NEW ERA Domenico Raguseo Domenico Scardicchio Luca Bizzotto Simone Riccetti Technical Sales Manager, Europe Software Procdut
More informationModern Realities of Securing Active Directory & the Need for AI
Modern Realities of Securing Active Directory & the Need for AI Our Mission: Hacking Anything to Secure Everything 7 Feb 2019 Presenters: Dustin Heywood (EvilMog), Senior Managing Consultant, X-Force Red
More informationCSCE 120: Learning To Code
CSCE 120: Learning To Code Module 11.0: Consuming Data I Introduction to Ajax This module is designed to familiarize you with web services and web APIs and how to connect to such services and consume and
More informationSkype for Business for Android
Skype for Business for Android November 2015 Topics in this guide include: Joining meetings Updating availability status Managing contacts Having conversations Customizing your settings For more information
More informationAccount Management Settings section. Service Request Settings section
WebEx Site Configuration Audit Log The following settings are included in the CSV export of changes to the Configuration > Common Site Settings > Options page of WebEx Site Administration. Account Management
More informationStaying GDPR Ready with MaaS360. Ankur Acharya Offering Manager, IBM MaaS360
Staying GDPR Ready with MaaS360 Ankur Acharya Offering Manager, IBM MaaS360 GDPR Overview Unified data protection law Most important change in data privacy regulations in 20 years Will replace the existing
More informationCustomized Net Conference Powered by Cisco WebEx Technology Event Center
USER GUIDE Net Conferencing h l M ti C t Customized Net Conference Powered by Cisco WebEx Technology Event Center WebEx Event Center access (first time only) Go to https://www.mymeetings.com/ Select the
More informationIBM Security Access Manager for Versions 9.0.2, IBM Security App Exchange Installer for ISAM
IBM Security Access Manager for Versions 9.0.2, 9.0.3 IBM Security App Exchange Installer for ISAM Contents PREFACE... 3 Access to publications and terminology... 3 Publication Library... 3 IBM Terminology
More informationAccelerating growth and digital adoption with seamless identity trust
Accelerating growth and digital adoption with seamless identity trust IBM Trusteer helps organizations seamlessly establish identity trust across the omnichannel customer journey Let s get started 3 Introduction
More informationLiveEngage Messaging Platform: Security Overview Document Version: 2.0 July 2017
LiveEngage Messaging Platform: Security Overview Document Version: 2.0 July 2017 Contents Introduction... 3 Supported Platforms... 3 Protecting Data in Transit... 3 Protecting Data at Rest... 3 Encryption...
More informationOctober J. Polycom Cloud Services Portal
October 2018 3725-42461-001J Polycom Cloud Services Portal Copyright 2018, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another language or format, or
More informationWEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang
WEB SECURITY WORKSHOP TEXSAW 2014 Presented by Solomon Boyd and Jiayang Wang Introduction and Background Targets Web Applications Web Pages Databases Goals Steal data Gain access to system Bypass authentication
More informationAppSpider Enterprise. Getting Started Guide
AppSpider Enterprise Getting Started Guide Contents Contents 2 About AppSpider Enterprise 4 Getting Started (System Administrator) 5 Login 5 Client 6 Add Client 7 Cloud Engines 8 Scanner Groups 8 Account
More informationOracle Enterprise Manager Ops Center. Introduction. What You Will Need. Creating vservers 12c Release 1 ( )
Oracle Enterprise Manager Ops Center Creating vservers 12c Release 1 (12.1.4.0.0) E27357-02 June 2013 This guide provides an end-to-end example for how to use Oracle Enterprise Manager Ops Center. Introduction
More informationTIBCO Cloud Integration Security Overview
TIBCO Cloud Integration Security Overview TIBCO Cloud Integration is secure, best-in-class Integration Platform as a Service (ipaas) software offered in a multi-tenant SaaS environment with centralized
More informationAbout MiTeam. MiTeam Stream. MiTeam on MiCollab for PC, MAC Client, and Web Client. MiTeam Stream tabs. Create a Stream.
QMiTeam for Enterprise Quick Reference Guide About MiTeam MiTeam is a work stream communications and collaboration tool that provides a highly collaborative and persistent workspace for team-meetings,
More informationIBM Compliance Offerings For Verse and S1 Cloud. 01 June 2017 Presented by: Chuck Stauber
IBM Compliance Offerings For Verse and S1 Cloud 01 June 2017 Presented by: Chuck Stauber IBM Connections & Verse Email and collaboration platform designed to help you work better Empower people Teams are
More informationIBM Security AppScan now supports SAP code quality and data loss prevention testing with Virtual Forge CodeProfiler for IBM Security AppScan Source
IBM United States Software Announcement 212-255, dated July 24, 2012 IBM Security AppScan now supports SAP code quality and data loss prevention testing with Virtual Forge CodeProfiler for IBM Security
More informationService Description. IBM Aspera Files. 1. Cloud Service. 1.1 IBM Aspera Files Personal Edition. 1.2 IBM Aspera Files Business Edition
Service Description IBM Aspera Files This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.
More information2012 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Excel, Lync, Outlook, SharePoint, Silverlight, SQL Server, Windows,
2012 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Excel, Lync, Outlook, SharePoint, Silverlight, SQL Server, Windows, Windows Server, and other product names are or may be registered
More informationWEBINAR PROCEDURES ON GOTOWEBINAR
WEBINAR PROCEDURES ON GOTOWEBINAR http://www.gotowebinar.com Login (updated 4/26/12): E-mail Address: slaunitwebinars@sla.org Password: @slaunits5 IMPORTANT NOTES: Be sure to check both the Webinar schedule
More informationWebEx New user Orientation. Meeting Organizer Guide
WebEx New user Orientation Meeting Organizer Guide OBJECTIVE: AGENDA: I. II. III. IV. Utilize the tools provided at Kent State University to host and attend online meetings via the WebEx application and
More informationIntroduction to application management
Introduction to application management To deploy web and mobile applications, add the application from the Centrify App Catalog, modify the application settings, and assign roles to the application to
More informationLet s talk about QRadar 7.2.5
QRadar Open Mic Webcast #9 June 10, 2015 Let s talk about QRadar 7.2.5 Panelists Dwight Spencer Principal Solutions Architect & Co-founder of Q1 Labs Adam Frank Principal Solutions Architect Jeremy Mathews
More informationPredators are lurking in the Dark Web - is your network vulnerable?
Predators are lurking in the Dark Web - is your network vulnerable? Venkatesh Sadayappan (Venky) Security Portfolio Marketing Leader IBM Security - Central & Eastern Europe Venky.iss@cz.ibm.com @IBMSecurityCEE
More informationIBM MaaS360 with Watson Evaluator s Guide. Version 2.2
IBM MaaS360 with Watson Evaluator s Guide Version 2.2 Introduction Welcome to the IBM MaaS360 with Watson Evaluator s Guide. This document provides you with a self-guided, hands-on review of our leading
More informationContinuous Diagnostics and Mitigation demands, CyberScope and beyond
Continuous Diagnostics and Mitigation demands, CyberScope and beyond IBM BigFix streamlines federal security compliance with real-time insights and remediation Highlights Meet Continuous Diagnostics and
More informationOWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example
Proxy Caches and Web Application Security Using the Recent Google Docs 0-Day as an Example Tim Bass, CISSP Chapter Leader, Thailand +66832975101, tim@unix.com AppSec Asia October 21, 2008 Thailand Worldwide
More information