What's new in AppScan Standard/Enterprise/Source version
|
|
- Bryan Tyler
- 6 years ago
- Views:
Transcription
1 What's new in AppScan Standard/Enterprise/Source version support Open Mic Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: USA toll: Participant passcode: Slides and additional dial in numbers: Nov 16, 2016 NOTICE: By participating in this call, you give your Irrevocable consent to IBM to record any statements that you may make during the call, as well as to IBM s use of such Recording in any and all media, including for video postings on YouTube. If you object, please do not connect to this call.
2 Presenter: Tal Rabinovitch - AppScan Standard Dev Manager Makida Yohannes - AppScan Enterprise Developer Robert Fiszer - AppScan Source Support Engineer Panelist: Daniel Dubnikov AppScan Dev Team Lead Joe Lacy - AppScan Support Engineer Scott Hurd - AppScan Support Engineer Marek Stepien AppScan Knowledge Leader Moderator: Joe Kiggen AppScan and SKLA Support Manager
3 Goal of session To present what you (customer) can expect in AppScan Standard, AppScan Enterprise, and AppScan Source version released in October 2016.
4 Agenda What's new in Appscan Standard What's new in Appscan Enterprise What's new in Appscan Source Questions and Answers
5 What's new in Appscan Standard Presenter: Tal Rabinovitch, AppScan Standard Dev Manager New exploring method "Action Based Explore" Request filtering New improved "User Defined Tests" Possibility to Change Host in starting URL Improvements in Manual Explore UI Possibility to exclude tests in Multi-step operations
6 Action Based Action Based technology is where we utilize a browser in order to execute a set of actions. Action Based is an alternative method to Request Based where we use and manipulate the HTTP requests/responses. Action Based is a term we started using in AppScan 8.8, 3 years ago with Action Based Login Action Based Login allowed us to overcome a lot of the session challenges we encountered with the traditional Request Based approach, and dramatically improved AppScan s ability to cope with complex sessions out of the box. In (Jan 2016), Action Based technology was also integrated into the Automatic login option, allowing AppScan to automatically browse and locate the login page, fill out the credentials and submit. In , we are introducing Action Based Explore.
7 Action Based Explore Sometimes, using AppScan's (Request Based) automatic explore capabilities will not generate a sufficient coverage of the tested application. In such cases, manual explore is also required by the user. The advantage of manual explore is that it s utilizing a real browser Browsers have better JavaScript capabilities Browsers are up-to-date with the latest technologies Browsers give a true representation of the application In order to reduce the need for Manual Explore, we started integrating Action Based technology into the Explore phase. Another way to think about it is Automatic manual explore.
8 How to enable/disable Action Based Explore The new Action Based Method Our traditional automatic explore method In , Action Based Explore is added as a 2 nd explore method running before the traditional Request Based automatic explore method. Each of the methods can be turned on or off (one must be enabled) in the Scan Configuration > Explore Options tab. If you want to see the browser during the explore phase, set the SessionManagement.ShowActionBasedPlayerWindow option to 'True' in the Tools > Options > Advanced tab.
9 Action Based Explore Filtering Action Based Explore uses two main techniques to reduce the time of the scan Pages that have a similar DOM to an already explored page will be skipped (no action in these pages will be executed) Actions that we predict will lead to a page that will be filtered due to similar DOM will not be executed (We refer to this feature as Click Filtering) In addition, every request that is recorded during the Action Based Explore phase will be analyzed with our current DOM Filtering mechanism and might get filtered in AppScan.
10 Request Filtering Our current DOM Filtering in AppScan will filter a page if its DOM is similar to that of an already explored page. This can lead to a strange where we have two pages that have significantly different DOMs but contain an identical individual request within them. For example, a shared JS file. For these cases we have enhanced the DOM Filtering feature to also examine each individual request in a page, and if two requests have a near identical body, we will filter this individual request. Requests that are filtered due to this reason will be displayed under the Filtered tab with this filter type: Similar Body
11 User Defined Tests User defined tests were available in AppScan Standard from day one The current User Defined Tests are offering very limited power. Almost no Detection functions to decide whether a test should be executed or not Limited Mutations practically changing specific parameters, adding ones or changing the all path. Limited validations either we got a 200ok status, or specific pattern in the response Many Advanced users were asking us to enhance these capabilities so more meaningful tests can be created and also use them for company policy enforcements (e.g. to test if the app uses an old version of some 3 rd party dependencies..), re-creation of manually detected vulnerabilities, etc
12 User Defined Tests In we are introducing our enhanced User Defined Tests As for regular test, each test is build from 3 main functions: Detection Validation Mutation Detection: What conditions should be met in order to execute the test. Mutation (Test Sequence): What are the modifications done when running this test. Validation: What conditions should be met in order to mark this test as a valid issue. A test can now apply a set of conditions for each function with logical functions (And, Or, Not).
13 User Defined Tests As before, User Defined Tests can be found in Tools -> User Defined Test As before, creating a new test is done using a wizard which works you through the steps of creating a new rule. One of the first steps in the wizard is to choose the Test Type. Each test have different sets of mutation functions, depending on the tested element (request, parameter, path)
14 User Defined Tests Detection (Filter) Detections available: Request: Path match regexp Param / Cookie / Header: Exists Exists + Value match regexp Body match Regexp Detections Example: ( myuserid parameter exists in the request ) OR ( (Response Code is 3xx) AND (mybodypattern exist in the body response) ) Response: Status code Is / is not specific number (202) Is / is not belong to a specific group (2xx, 3xx) Header: Exists Exists + Value match regexp Body match Regexp
15 User Defined Tests Mutation (Test Sequence) Mutations available: Request Path: Set, Append, Prepend Param \ Cookie \ Header: Value - Set, Append. Add Remove Body set Mutation Example: ( Change value of parameter searchterms to <script>alert(1)</script> ) AND ( Add parameter ID with Value =1234 )
16 User Defined Tests Validations Validations available: Response Status code: Is / is not specific number (202) Is / is not belong to a specific group (2xx, 3xx) Header: Exists Exists + Value match regexp Body: Equal original response Match regex Validation Example: ( Response Code is not 2xx ) AND ( Body does NOT contain error )
17 User Defined Tests Import & Export User Defined Tests can be exported to a.udt file. A UDT file can contain more then one test (based on the tests the user decided to export)
18 Change Host 18 In testing environments, it is likely for host names, IPs or ports to be changed or even be set dynamically. This is typical for DevOps process kind of deployments. Up until now, users who already had a pre-configured templates for one host, had to create a new one when the host name was changed. Regardless of the fact that the deployed application is the exact same application. In we enhanced our support for such a scenario.
19 Change Host When no explored data exists 19 Use Case: an existing scan template which its host/ip/port/schema was modified. How to modify the scan template: 1) After loading the scan template, the user modifies the Starting URL 2) When the user apply this changes, AppScan will display a confirmation dialog asking whether a change host operation should be triggered. 3) If the user chooses Yes, AppScan triggers a modification and validation phase. In this phase AppScan will replace all the old data with the new data and validate the URL, Login and Multi-step seq (if such exist)
20 Change Host When explored data exists 20 If there is already some explore data, the starting url is disabled. To change the host, the user can click on menu: Scan->Change Host/Scheme/Port. A change host UI will appear allowing the user to specify his changes. After specifying the new Starting URL, the same confirmation dialog will appear. When confirmed, modification and validation phase will be triggered where all the explored data (apart from manual explore) and test results will be deleted.
21 Change Host CLI 21 As often change host capability will be needed as part of an automatic deploy/test scenario, this functionality also exists through the CLI. In this example we take an existing demo.testfire.net scan template, change its host from to and run an explore only scan.
22 Change Host ASE 22 In AppScan Enterprise, when using the ADAC (AppScan Dynamic Analysis Client), the same change host functionality exist. Similar to the one described in the AppScan Standard UI section.
23 Enhancements in Manual Explore UI 23 Up until now, In AppScan Standard, when the user recorded a manual explore sequence, recorded request couldn t be deleted before the analysis phase. Now the user can: Delete unneeded recorded requests. Easily specify which recorded hosts should be include in the scan. Same UI functionality exists in the ADAC.
24 Exclude test for Multi- Step sequences 24 Sometimes, you will want to only test specific requests in your Multi Step Sequence. Up until now, this was a tedious task In AppScan Standard. Now a simple UI option was added to the Multi step sequence allowing the user to mark which request is important for testing and which is not. This option can highly improve the efficiency of multi step testing which usually take longer because of the need to replay the seq before each test.
25 What's new in Appscan Enterprise Presenter: Makida Yohannes, AppScan Enterprise Developer Action Based Explorer User Defined Tests Issue import activities listed in Monitor Export to XML Option added in Monitor Scan File available for download
26 Action Based Explorer Overview The Explore method is included in AppScan Enterprise with similar configuration as AppScan Standard. Users can select any one of the Explore Methods, or both. By default both methods are selected.
27 User Defined Tests Overview It gives users the ability to import user defined tests that are exported from AppScan Standard. Export *.udt file from AppScan Standard.
28 User Defined Tests Overview - 2 In AppScan Enterprise, go to Main menu > Administration > User Defined Tests. Browse to the location of the *.udt file and import it. Note: Each *.udt file can contain many user-defined tests. The installed user defined test will be executed whenever a scan runs.
29 User Defined Tests Overview - 3 List of all User Defined Tests can be seen in the grid.
30 User Defined Test Overview - 4 While uploading the *.udt file, if duplicate user defined tests are in the system, the user can choose to override the existing tests or cancel the installation. Canceling the installation will also cancel installation of any new rules that might exist in *.udt file.
31 Issue import activities listed in Monitor tab Overview List of Issue Import activities can now be seen in Monitor tab Go to an application > Click view details
32 Export to XML Option added on Monitor Overview The ability to export reports in xml format is added in the monitor side. Go to an application select issues and choose Export to XML option.
33 Export to XML Option added on Monitor Overview - 2 Go through the pages selecting your options as you would do for the other export formats. The screenshot of the exported xml file is as shown below.
34 Scan File is Available The encrypted scan file that was only used by support, is no longer password protected and is now available for users as well. The file exists in Extended support log.
35 What's new in Appscan Source Presenter: Robert Fiszer, AppScan Source Support Engineer IFA entitlement for Source (on-prem) users Improvement in filter usability Improvements in scanning large/complex applications
36 What is IFA Intelligent Findings Analytics, a cloud based tool. Analyzes Source assessments to identify most critical issues in a scan. More info: IFA by Kris Duer IFA Walkthrough
37 IFA Enablement for Source (on-prem) Users AppScan Source users are entitled to 10 free IFA scans If you have paid IFA scans, you will have 10 additional free scans per month
38 IFA Enablement for Source (on-prem) Users Must have an existing paid or trial account with BlueMix as well as a (free) IBM ID. These scans count against applicable global limits.
39 AppScan Source Filter Improvements AppScan Source exclusion filter usability has been improved Exclusion filters now have the option to be applied in either an AND or an OR fashion. Restrict and inverted restrict filters remain the same.
40 Unchanged AppScan Source Filters Behavior Multiple restrict to filters applied: OR logic Any findings that matches any one of the filters will be retained. Multiple inverted restrict to filters applied: Pruning behavior Any finding that matches any one of the filters will be discarded.
41 Changed AppScan Source Filters Behavior Previously, multiple exclude filters applied: AND logic Only findings that match all filters were removed. Currently, multiple exclude filters applied: Selectable logic Can be set to match all (old behavior) or match one (new option).
42 Changed AppScan Source Filters Behavior
43 Improvements in Scanning Large/Complex Applications Previously, AppScan source suffered from several dubious errors: Internal Errors Memory Limit Failure Out of Memory errors Swap memory errors General compilation errors
44 Improvements in Scanning Large/Complex Applications Internal Errors Internal Errors have been resolved in General Compilation Errors Still need to be analyzed on a case-by-case basis
45 Improvements in Scanning Large/Complex Applications If you get one of these errors: Memory Limit Failure Out of Memory Swap Limit Failure please open a support ticket (PMR). The AppScan support has been provided with additional tools and procedures to resolve and work around these issues.
46 Questions for the panel Now is your opportunity to ask questions of our panelists. To ask a question now: Press *1 to ask a question over the phone or Type your question into the IBM Connections Cloud Meeting chat To ask a question after this presentation: You are encouraged to participate in our Forum on this topic -
47 Where do you get more information? Header content 1 header content 2 Questions on this or other topics can be directed to the product forum: AppScan Standard forum AppScan Enterprise forum AppScan Source forum More articles you can review: AppScan Standard Fix Pack 4 at Fix Central AppScan Enterprise fixpack available at FixCentral AppScan Source Fix Pack 4 for version at Fix Central Useful links: Get started with Support IBM Support Portal Sign up for My Notifications Follow us:
48 THANK YOU FOLLOW US ON: securityintelligence.com xforce.ibmcloud.com Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
What's new in AppScan Standard version
What's new in AppScan Standard version 9.0.3.5 IBM Audio Security Connection support dialog by Open access Mic the Slides and more information: http://www.ibm.com/support/docview.wss?uid=swg27049311 February
More informationHow AppScan explores applications with ABE and RBE
How AppScan explores applications with ABE and RBE IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationUnderstanding scan coverage in AppScan Standard
IBM Security AppScan Standard Open Mic Webcast January 27, 2015 Understanding scan coverage in AppScan Standard Panelists Shahar Sperling Software Architect at Application Security AppScan Tal Rabinovitch
More informationAnalyzing Hardware Inventory report and hardware scan files
Analyzing Hardware Inventory report and hardware scan files IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by
More informationIBM Security Network Protection
IBM Security Network Protection XGS 5.3.3 firmware release Features and Enhancements IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web
More informationDeploying BigFix Patches for Red Hat
Deploying BigFix Patches for Red Hat IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationDisk Space Management of ISAM Appliance
IBM Security Access Manager Tuesday, 5/3/16 Disk Space Management of ISAM Appliance Panelists David Shen Level 2 Support Engineer Steve Hughes Level 2 Support Engineer Nicholas Hasten Level 2 Support Engineer
More informationSecurity Support Open Mic: ISNP High Availability and Bypass
Panelists Ed Leisure Knowledge Engineer, Presenter Andrew Sallaway SWAT Consultant Kenji Hamahata L2 Engineer (Japan) Maxime Turlot Product Lead Arthur Testa Product Lead Jeff Dicostanzo Advanced Value
More informationIBM Security Identity Manager New Features in 6.0 and 7.0
IBM Security Identity Manager New Features in 6.0 and 7.0 IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIBM Threat Protection System: XGS - QRadar Integration
IBM Security Network Protection Support Open Mic - Wednesday, 25 May 2016 IBM Threat Protection System: XGS - QRadar Integration Panelists Tanmay Shah - Presenter Level 2 Support Product Lead Danitza Villaran-Rokovich,
More informationHTTP Transformation Rules with IBM Security Access Manager
HTTP Transformation Rules with IBM Security Access Manager IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationMore on relevance checks in ILMT and BFI
More on relevance checks in ILMT and BFI IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate
More informationIntroduction to IBM Security Network Protection Manager
Introduction to IBM Security Network Protection Manager IBM SECURITY SUPPORT OPEN MIC Slides are at: https://ibm.biz/bdscvz NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM
More informationXGS: Making use of Logs and Captures
IBM Security Network Protection XGS Open Mic webcast #6 June 24, 2015 XGS: Making use of Logs and Captures Panelists Bill Klauke (Presenter) Product Lead L2 Support Maxime Turlot Product Lead L2 Support
More informationUsing Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting
Using Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Security Network Protection Open Mic - Thursday, 31 March 2016
IBM Security Network Protection Open Mic - Thursday, 31 March 2016 Application Control and IP Reputation on the XGS Demystified Panelists Tanmay Shah, Presenter IPS/Network Protection Product Lead Bill
More informationIBM Security Support Open Mic
IBM Security Support Open Mic LET S TALK ABOUT QRADAR 7.2.8 FEATURES Connect to WebEx Audio by selecting an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu
More informationIBM Security Access Manager Single Sign-on with Federation
IBM Security Access Manager Single Sign-on with Federation IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationConfiguring your policy to prevent appliance problems
Configuring your policy to prevent appliance problems IBM Security Guardium IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationXGS & QRadar Integration
IBM Security Support Open Mic - January 28, 2015 XGS & QRadar Integration Advanced Threat Protection Integration Options Panelists Wes Davis Advanced Threat Support Group Engineer (Presenter) Thomas Gray
More informationRemote Syslog Shipping IBM Security Guardium
Remote Syslog Shipping IBM Security Guardium IBM Security support Open Mic To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu
More informationQRadar Open Mic: Custom Properties
November 29, 2017 QRadar Open Mic: Custom Properties IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationSecurity Support Open Mic Build Your Own POC Setup
IBM Security Access Manager 08/25/2015 Security Support Open Mic Build Your Own POC Setup Panelists Reagan Knowles Level II Engineer Nick Lloyd Level II Support Engineer Kathy Hansen Level II Support Manager
More informationBigFix Query Unleashed!
BigFix Query Unleashed! Lee Wei IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu option. To
More informationInterpreting relevance conditions in commonly used ILMT/BFI fixlets
Interpreting relevance conditions in commonly used ILMT/BFI fixlets IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog
More informationQRadar Feature Discussion IBM SECURITY SUPPORT OPEN MIC
QRadar 7.2.7 Feature Discussion IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationIBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions
IBM Security Access Manager open mic webcast July 14, 2015 IBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions Panelists Gianluca Gargaro L2 Support Engineer Darren Pond L2
More informationXGS Administration - Post Deployment Tasks
IBM Security Network Protection Support Open Mic - 18 November 2015 XGS Administration - Post Deployment Tasks Panelists Tanmay Shah XGS Product Lead, L2 Support (Presenter) Thomas Gray L2 Support Manager
More informationSecurity Support Open Mic Client Certificate Authentication
IBM Security Access Manager, Tuesday, December 8, 2015 Security Support Open Mic Client Certificate Authentication Panelists Jack Yarborough ISAM Level II Nick Lloyd ISAM Level II Scott Stough ISAM Level
More informationIBM Security Access Manager v8.x Kerberos Part 2
IBM Security Access Manager open mic webcast - Oct 27, 2015 IBM Security Access Manager v8.x Kerberos Part 2 Kerberos Single Sign On using Constrained Delegation Panelists Gianluca Gargaro L2 Support Engineer
More informationMSS VSOC Portal Single Sign-On Using IBM id IBM Corporation
MSS VSOC Portal Single Sign-On Using IBM id Changes to VSOC Portal Sign In Page Users can continue to use the existing Client Sign In on the left and enter their existing Portal username and password.
More informationLet s Talk About Threat Intelligence
Let s Talk About Threat Intelligence IBM SECURITY SUPPORT OPEN MIC #20 Slides and additional dial in numbers: http://ibm.biz/openmic20 January 26, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR
More informationOptimizing IBM QRadar Advisor with Watson
Optimizing IBM QRadar Advisor with Watson IBM SECURITY SUPPORT OPEN MIC #25 Slides and additional dial in numbers: http://ibm.biz/openmic25 June 8, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE
More informationIBM Security Guardium: : Sniffer restart & High CPU correlation alerts
IBM Security Guardium: : Sniffer restart & High CPU correlation alerts IBM SECURITY SUPPORT OPEN MIC, presented by Lisette Contreras, Guardium Support To hear the WebEx audio, select an option in the Audio
More informationHow to Secure Your Cloud with...a Cloud?
A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1 A New Era of Thinking Agenda IBM Cloud
More informationIBM BigFix Client Reporting: Process, Configuration, and Troubleshooting
IBM BigFix Client Reporting: Process, Configuration, and Troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationISAM Advanced Access Control
ISAM Advanced Access Control CONFIGURING TIME-BASED ONE TIME PASSWORD Nicholas J. Hasten ISAM L2 Support Tuesday, November 1, 2016 One Time Password OTP is a password that is valid for only one login session
More informationISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.
ISAM Federation STANDARDS AND MAPPINGS Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support July 19, 2017 Agenda ISAM Federation Introduction Standards and Protocols Attribute Sources
More informationHow to properly deploy, configure and upgrade the NAB
Panelists Jeff DiCostanzo, Presenter AVP Team Lead Bill Klauke - Level 2 Product Lead Maxime Turlot - Level 2 Product Lead Ryan Andersen - Level 2 Senior Engineer Edward A Romero - Level 3 Network Security
More informationIBM BigFix Relays Part 1
IBM BigFix Relays Part 1 IBM SECURITY SUPPORT OPEN MIC November 19, 2015 Revised March 2, 2018 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT
More informationIBM Security Guardium: Troubleshooting No Traffic Issues
IBM Security Guardium: Troubleshooting No Traffic Issues IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationConfiguring zsecure To Send Data to QRadar
Configuring zsecure To Send Data to QRadar CONFIGURATION, SETUP, AND EXAMPLES Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free:
More informationJunction SSL Debugging With Wireshark
Junction SSL Debugging With Wireshark IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu option.
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationIBM Guardium Data Encryption
IBM Guardium Data Encryption RELEASE TAXONOMY FOR LINUX/AIX/WINDOWS 10-October-2018 GDE Taxonomy Version V.0.0.0 Major V.R.0.0 Mod V.R.M.0 SSE V.R.M.F Fixpack V.R.M.F Cadence 36-48 Months 12-15 Months
More informationIBM Security Directory Server: Utilizing the Audit.log
IBM Security Directory Server Open Mic Webcast #1 November 4, 2014 IBM Security Directory Server: Utilizing the Audit.log Panelists Roy Spencer L2LDAP Technical Lead Ram Reddy L2LDAP Senior Engineer Benjamin
More informationIBM Application Security on Cloud
April, 2017 IBM Application Security on Cloud Service Overview Security has and will always be about understanding, managing, and mitigating the risk to an organization s most critical assets. - Dr. Eric
More informationIBM Security Access Manager What s in the box : InfoMap Authentication Mechanism IBM SECURITY SUPPORT OPEN MIC. 13 Dec 2017
IBM Security Access Manager What s in the box : InfoMap Authentication Mechanism IBM SECURITY SUPPORT OPEN MIC 13 Dec 2017 IBM Security Learning Academy www.securitylearningacademy.com New content published
More informationIBM Security Identity Governance and Intelligence Clustering and High Availability
IBM Security Identity Governance and Intelligence Clustering and High Availability IBM SECURITY SUPPORT Luigi Lombardi: luigi.lombardi@it.ibm.com Gianluca Gargaro: g.gargaro@it.ibm.com Raffaele Sperandeo:
More informationBigFix 101- Server Pricing
BigFix 101- Server Pricing Licensing in a Nutshell BigFix is included with AIX Enterprise Edition (AIX EE). If you have AIX EE on a system, all the cores on that system are covered and any LPAR running
More informationIdentity Governance Troubleshooting
Identity Governance Troubleshooting Chris Weber Level 2 support, IBM Security May 16, 2017 Identity Governance Troubleshooting Support Files contents Accessing different logs and other files though the
More informationGX vs XGS: An administrator s comparison of the two products
: An administrator s comparison of the two products Panelists Bill Klauke IPS Product Lead, Level 2 Support Matthew Elsner XGS Development Yuceer (Banu) Ilgen XGS Development Jeff Dicostanzo AVP Support
More informationThreat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES
Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Agenda Welcome Threat Intelligence EcoSystem Cyber Resiliency
More informationLet s talk about QRadar 7.2.5
QRadar Open Mic Webcast #9 June 10, 2015 Let s talk about QRadar 7.2.5 Panelists Dwight Spencer Principal Solutions Architect & Co-founder of Q1 Labs Adam Frank Principal Solutions Architect Jeremy Mathews
More informationSWD & SSA Updates 2018
SWD & SSA Updates 2018 Stephen Hull STSM, BigFix Development 04/09/2018 Latest SWD & SSA features What s shiny and new? SWD Support multiple tasks for a software pkg Install, Update, Uninstall, etc Export/Import
More informationIBM MaaS360 Kiosk Mode Settings
IBM MaaS360 Kiosk Mode Settings Configuration Settings for Kiosk Mode Operation IBM Security September 2017 Android Kiosk Mode IBM MaaS360 provides a range of Android device management including Samsung
More informationIBM Security Network Protection v Enhancements
IBM Security Network Protection v5.3.3.1 Enhancements IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationAvePoint Online Services for Partners 2
AvePoint Online Services for Partners 2 User Guide Service Pack 1 Issued June 2017 Table of Contents What s New in this Guide...4 About...5 Submitting Documentation Feedback to AvePoint...6 Browser Support
More informationForeScout Extended Module for Qualys VM
ForeScout Extended Module for Qualys VM Version 1.2.1 Table of Contents About the Qualys VM Integration... 3 Additional Qualys VM Documentation... 3 About This Module... 3 Components... 4 Considerations...
More informationLet's talk about QRadar Apps: Development & Troubleshooting IBM SECURITY SUPPORT OPEN MIC
Let's talk about QRadar Apps: Development & Troubleshooting IBM SECURITY SUPPORT OPEN MIC Slides and additional dial in numbers: http://ibm.biz/joinqradaropenmic August 23, 2017 NOTICE: BY PARTICIPATING
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationIBM BigFix Relays Part 2
IBM BigFix Relays Part 2 IBM SECURITY SUPPORT OPEN MIC December 17, 2015 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT YOU MAY MAKE DURING
More informationSecuring global enterprise with innovation
IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018 Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And
More informationService Description. IBM Aspera Files. 1. Cloud Service. 1.1 IBM Aspera Files Personal Edition. 1.2 IBM Aspera Files Business Edition
Service Description IBM Aspera Files This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.
More informationCustomized Net Conference Powered by Cisco WebEx Technology Event Center
USER GUIDE Net Conferencing h l M ti C t Customized Net Conference Powered by Cisco WebEx Technology Event Center WebEx Event Center access (first time only) Go to https://www.mymeetings.com/ Select the
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationContents Using the Primavera Cloud Service Administrator's Guide... 9 Web Browser Setup Tasks... 10
Cloud Service Administrator's Guide 15 R2 March 2016 Contents Using the Primavera Cloud Service Administrator's Guide... 9 Web Browser Setup Tasks... 10 Configuring Settings for Microsoft Internet Explorer...
More informationAnsible Tower Quick Setup Guide
Ansible Tower Quick Setup Guide Release Ansible Tower 2.4.5 Red Hat, Inc. Jun 06, 2017 CONTENTS 1 Quick Start 2 2 Login as a Superuser 3 3 Import a License 4 4 Examine the Tower Dashboard 6 5 The Setup
More informationAccount Management Settings section. Service Request Settings section
WebEx Site Configuration Audit Log The following settings are included in the CSV export of changes to the Configuration > Common Site Settings > Options page of WebEx Site Administration. Account Management
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationAvePoint Cloud Backup. Release Notes
AvePoint Cloud Backup Release Notes Table of Contents Table of Contents... 2 AvePoint Cloud Backup 1.1.1... 3... 3... 3 AvePoint Cloud Backup 1.1.0... 5... 5... 5 AvePoint Cloud Backup 1.0.4... 6... 6...
More informationVersion 5.0 September P Xerox App Gallery. App Gallery User Guide
Version 5.0 September 2018 702P06709 Xerox App Gallery App Gallery User Guide 2018 Xerox Corporation. All rights reserved. Xerox, Xerox and Design, ConnectKey, VersaLink, AltaLink, Xerox Extensible Interface
More informationXerox App Gallery App Gallery User Guide. Version 5.0 September P06709
Xerox App Gallery App Gallery User Guide Version 5.0 September 2018 702P06709 2018 Xerox Corporation. All rights reserved. Xerox, Xerox and Design, ConnectKey, VersaLink, AltaLink, Xerox Extensible Interface
More informationIBM Security QRadar. Vulnerability Assessment Configuration Guide. January 2019 IBM
IBM Security QRadar Vulnerability Assessment Configuration Guide January 2019 IBM Note Before using this information and the product that it supports, read the information in Notices on page 89. Product
More informationIBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation
IBM Security Endpoint Manager- BigFix Daniel Joksch Security Sales Establish security as an immune system Malware protection Incident and threat management Identity management Device management Data monitoring
More informationModern Realities of Securing Active Directory & the Need for AI
Modern Realities of Securing Active Directory & the Need for AI Our Mission: Hacking Anything to Secure Everything 7 Feb 2019 Presenters: Dustin Heywood (EvilMog), Senior Managing Consultant, X-Force Red
More informationCA Clarity Project & Portfolio Manager
CA Clarity Project & Portfolio Manager CA Clarity PPM Connector for Microsoft SharePoint Product Guide v1.1.0 Second Edition This documentation and any related computer software help programs (hereinafter
More informationThe New Era of Cognitive Security
The New Era of Cognitive Security IBM WATSON SUMMIT KANOKSAK RATCHAPAT Senior Technical Sales 1 Today s security challenges ACTORS TARGETS VECTORS REALITY Organized Crime Healthcare Ransomware Cloud, mobile,
More informationLookout Mobile Endpoint Security. Deploying Lookout with BlackBerry Unified Endpoint Management
Lookout Mobile Endpoint Security Deploying Lookout with BlackBerry Unified Endpoint Management June 2018 2 Copyright and disclaimer Copyright 2018, Lookout, Inc. and/or its affiliates. All rights reserved.
More informationDeltek Touch CRM for Vision. User Guide
Deltek Touch CRM for Vision User Guide September 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors may exist.
More informationUser Scripting April 14, 2018
April 14, 2018 Copyright 2013, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and
More informationForeScout Extended Module for Tenable Vulnerability Management
ForeScout Extended Module for Tenable Vulnerability Management Version 2.7.1 Table of Contents About Tenable Vulnerability Management Module... 4 Compatible Tenable Vulnerability Products... 4 About Support
More informationTenable.io User Guide. Last Revised: November 03, 2017
Tenable.io User Guide Last Revised: November 03, 2017 Table of Contents Tenable.io User Guide 1 Getting Started with Tenable.io 10 Tenable.io Workflow 12 System Requirements 15 Scanners and Agents 16 Link
More informationVMware AirWatch tvos Platform Guide Deploying and managing tvos devices
VMware AirWatch tvos Platform Guide Deploying and managing tvos devices AirWatch v9.3 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationTechDirect User's Guide for ProDeploy Client Suite
TechDirect User's Guide for ProDeploy Client Suite Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates
More informationDell Management Portal. Apple Device Enrollment Program
Dell Management Portal Contents 3 Setting up the 3 DMP Device Deployment Program Prerequisites 4 Configure Apple VPP Token in DMP 5 Download Apple VPP Token 5 Assign VPP App Licenses 7 Configure Virtual
More informationAdministrator Manual. Last Updated: 15 March 2012 Manual Version:
Administrator Manual Last Updated: 15 March 2012 Manual Version: 1.6 http://www.helpdeskpilot.com Copyright Information Under the copyright laws, this manual may not be copied, in whole or in part. Your
More informationSetting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager
Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager Setting Up Resources in VMware Identity Manager (SaaS) You can find the most up-to-date technical documentation
More informationThe Evolved Office Assistant
The Evolved Office Assistant USER GUIDE TM 995 Old Eagle School Road Suite 315 Wayne, PA 19087 USA 610.964.8000 www.evolveip.net Release 1.0 Document Version 1 Copyright Notice Copyright 2008 Evolve IP,
More informationIBM Cloud Lessons Learned: VMware Cloud Foundation on IBM Cloud VMworld 2017 We are a cognitive solutions and cloud platform company that leverages th
LHC3384BUS Lessons Learned: VMware Cloud Foundation on IBM Cloud VMworld 2017 Content: Not for publication #VMworld #LHC3384BUS IBM Cloud Lessons Learned: VMware Cloud Foundation on IBM Cloud VMworld 2017
More informationCustomized Net Conference with Cisco WebEx Training Center
Customized Net Conference with Cisco WebEx Training Center This Quick Start User Guide for Customized Net Conference with Cisco WebEx Training Center details how to access the Cisco WebEx Training Center
More informationJuniper Secure Analytics Patch Release Notes
Juniper Secure Analytics Patch Release Notes 2014.8 January 2018 2014.8.r12.20171213225424 patch resolves several known issues in Juniper Secure Analytics (JSA). Contents Installing 2014.8.r12 Patch.............................................
More informationUpgrading from Call Center Reporting to
Upgrading from Call Center Reporting to Reporting for Call Center Upgrade Document Reporting for Call Center Release 2.2.1xx Document Number: 200-0400-110 Document Status: Standard Document Version: 3.02
More informationIntroduction to application management
Introduction to application management To deploy web and mobile applications, add the application from the Centrify App Catalog, modify the application settings, and assign roles to the application to
More informationOffice Adapters for Quark Publishing Platform
Office Adapters for Quark Publishing Platform Contents Getting started... 1 About Quark Publishing Platform...1 System requirements... 3 Installing the Office Adapters for Quark Publishing Platform...
More informationReadyTalk for HubSpot User Guide
ReadyTalk for HubSpot User Guide Revised 07/29/2013 2 Table of Contents Overview... 3 Configuring ReadyTalk & HubSpot... 4 Setting Up Your Event in Conference Center... 6 Setting Up Your Event in HubSpot...
More informationService Description. IBM DB2 on Cloud. 1. Cloud Service Description. 1.1 DB2 on Cloud. 1.2 IBM Bluemix
Service Description 1. Cloud Service Description IBM DB2 on Cloud This Service Description describes the Cloud Service IBM provides to Client, including DB2 on Cloud and the Bluemix application development
More information