IBM has extended its Security AppScan portfolio by introducing a new mobile security application that will enable organisations to develop mobile applications that are secure by design.
The new software will enable clients to build security into the initial design of their mobile applications so that vulnerabilities will be detected early in the development process.
Mobile applications have vulnerabilities specific to mobile devices because they often store sensitive data that can be leaked to malicious applications and the new AppScan analysis capabilities in the application will find these vulnerabilities to help developers build secure mobile applications.
The new software extends the application security testing to native Android applications, which allows clients to conduct their own testing for mobile applications.
IBM’s new security app is integrated with IBM’s QRadar Security Intelligence Platform to deliver increased Security Intelligence when an application is moved into production.
QRadar automatically raises or lowers the priority score of security incidents by correlating known application vulnerabilities with user and network activity.
The new release includes a new Cross Site Scripting (XSS) analyser which uses a learning mode to evaluate several potential tests from less than 20 core tests. The new XSS analyser finds more XSS vulnerabilities faster than prior releases, the company claims.
It includes new static analysis capabilities that help companies adopt broad application security practices. It also includes predefined and customisable templates that will help development teams focus on a rule set prioritised by their security teams.
AppScan also offers integration points with IBM Security Network IPS and IBM Security SiteProtector. It is a regular complement sold with IBM Guardium and IBM Security Access Management applications for end-to-end application security.