AppScan Extends Developer Access

 
 
By Timothy Dyck  |  Posted 2003-03-31 Email Print this article Print
 
 
 
 
 
 
 

A new package from Sanctum, released in March, will help active server pages .Net development teams catch security problems during the development process.

A new package from Sanctum, released in March, will help active server pages .Net development teams catch security problems during the development process. AppScan Developer Edition 1.5—a new product despite the version number—is a customized version of the AppScan Web application security scanner I last reviewed in the middle of last year. Its been redesigned as a plug-in for Microsofts current Visual Studio .Net 2002 and upcoming Visual Studio .Net 2003 development tools.

AppScan Developer Edition works by walking through the pages in a Web application (any Web application, not just ASP.Net applications, can be scanned) to determine HTML form variables and overall structure, then exhaustively checks the site for security problems. It tries to find application errors (which are often easy to turn into security holes) by submitting cross-site scripting attacks, by trying to overflow input buffers, and by manipulating HTML parameters and cookies.

Possible problems are presented from within Visual Studio, along with general advice and example code describing how to fix the problem.

The software is priced at $995 until Aug. 1 and $1,495 thereafter. More information can be found at www.sanctuminc.com.

 
 
 
 
Timothy Dyck is a Senior Analyst with eWEEK Labs. He has been testing and reviewing application server, database and middleware products and technologies for eWEEK since 1996. Prior to joining eWEEK, he worked at the LAN and WAN network operations center for a large telecommunications firm, in operating systems and development tools technical marketing for a large software company and in the IT department at a government agency. He has an honors bachelors degree of mathematics in computer science from the University of Waterloo in Waterloo, Ontario, Canada, and a masters of arts degree in journalism from the University of Western Ontario in London, Ontario, Canada.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel