Kursen har inget datum. Ring vår kursbokning 077 186 10 37 för information om en privat utbildning.
Översikt
| Kurskod | RL357SE | Leveranstyp | Classroom
(Hands-on labs) |
|---|---|---|---|
| Kurslängd | 2.0 dagar | Kurstyp | |
| Listpris | Set by Partner |
This course teaches you how to use IBM Rational AppScan Enterprise Edition effectively. The course combines both class lectures and hands-on lab work. It presents how to use Rational AppScan Enterprise Edition to test for web application security issues. The course is presented in the context of real-world deployments of the product by teaching you best practices for getting started, exploring your site, optimizing your scan, testing your site, analyzing results, administration, and results reporting. You will gain hands-on experience using Rational AppScan Enterprise Edition on demonstration web applications.
Målgrupp
The target audience for this basic course is security auditors, security team managers, quality assurance practitioners and web application developers who need to understand web application vulnerability testing reports, run web application security scans on web applications, and administer Rational AppScan Enterprise Edition.
The audience might also include web developers, managers, or team leaders who are responsible for interacting with testers or who need to ensure that the tools are being implemented fully and appropriately.
Förkunskaper
You should have:
- Web application security knowledge
- Essentials of Web Application Security V2.0 (RT302) or Essentials of Web Application Security V2.0 (RT330SE)
- Principles of IBM Rational AppScan Enterprise Edition (RT316)
Mål
- Describe the capabilities of IBM Rational AppScan Enterprise Edition
- Explain the potential risks of conducting an automated security scan
- Work with dashboards, jobs, folders, reports, and alerts
- Explain the differences between manual and automatic exploration
- Configure, run and optimize scans
- Use scan logs and identify messages, export a scan log, and troubleshoot scans
- Describe the process of analyzing scan results and using issue management
- Explain the architecture of IBM Rational AppScan Enterprise Edition
- Administer users, groups, and manage access control
- Create scan templates and test policies
- Describe best practices for generating management reports
- Explain the major tasks and factors involved in a Rational AppScan Enterprise deployment
Nyckelområden
- IBM Rational AppScan Enterprise Edition Overview
- Before you begin scanning
- Reports Overview
- Managing Folders, Jobs, Report Packs, and Dashboards
- Configuring a basic scan
- Automatic versus Manual Exploration
- Complex Login and Session Management
- Reviewing Explore Results
- Advanced Configuration Options
- Security Tests, Reports, and Concepts
- Scan Logs, Phases, and Error Messages
- Security Issue Reports
- Issue Management
- Architecture Overview
- Users, Groups and Managing Access Control
- Creating Scan Templates
- Test Policies
- Management Reporting
- Deployment Planning