Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.

Thursday, January 3, 2013

AppScan New Tool:- Traffic Viewer

AppScan Traffic Viewer is a new tool, built using the model of other HTTP Debuggers such as Fiddler or Paros. It can actually work in both online and offline mode, by loading the AppScan traffic dumps and can do a detailed research of the security scan without interfering with the scan itself. For example, if your site crashed during the scan and you want to find out which request is responsible for this Denial of Service, Traffic Viewer is ideal to do that.
 
If you didn't use the tool yet you should definitely give it a try. Starting with AppScan 8.6 the tool will be located in the AppScan tools folder ([AppScan Installation Directory]\Tools\Traffic Viewer\TrafficViewerSetup.msi) or can be downloaded from the AppScan Enterprise portal.
 
To obtain the AppScan Standard traffic log you will need to enable it from Tools > Options > Enable Request/Response Logging. In AppScan Enterprise you enable it from the Scan Properties > Log Settings and can download it from the Scan Statistics screen.
Below is the video to see a demo of Traffic Viewer and take full advantage of this tool in this release of AppScan Standard and AppScan Enterprise.
 
 

No comments:

Post a Comment