App Scan Procedure
Author: Katie Gutierrez
Date: 1/9/2017
Action: Document Created
Purpose
In accordance with the West Lafayette Internal Audit Office and Purdue University Northwest Security Team, all applications that have public facing web accessible ports opened must be security scanned with West Lafayette’s AppScan vulnerability scanner.
Summary
IBM Security AppScan is a family of web security testing and monitoring tools from the Rational Software division of IBM. AppScan is intended to test Web applications for security vulnerabilities during the development process, when it is least expensive to fix such problems.
These scans are performed against internally developed applications or hosted applications before “go-live” to help identify and resolve any major vulnerabilities that exist.
Process
Please contact Information Services to conduct security scans. This can be done by contacting the Customer Service Center at 219-989-2888 & csc@temp.pnw.edu or Information Security Services at security@temp.pnw.edu.