App Scan Procedure

Author: Katie Gutierrez

Date: 1/9/2017

Action: Document Created

Purpose

In accordance with the West Lafayette Internal Audit Office and Purdue University Northwest Security Team, all applications that have public facing web accessible ports opened must be security scanned with West Lafayette’s AppScan vulnerability scanner.

Summary

IBM Security AppScan is a family of web security testing and monitoring tools from the Rational Software division of IBM.  AppScan is intended to test Web applications for security vulnerabilities during the development process, when it is least expensive to fix such problems.

These scans are performed against internally developed applications or hosted applications before “go-live” to help identify and resolve any major vulnerabilities that exist.

Process

Please contact Information Services to conduct security scans. This can be done by contacting the Customer Service Center at 219-989-2888 & csc@temp.pnw.edu or Information Security Services at security@temp.pnw.edu.