The latest version of IBM Rational AppScan has been developed keeping in mind the growing security concerns of the Web 2.0 technologies. According to a recent press release, Rational AppScan Standard Edition 7.8 is capable of scanning Flash-based web content and applications and website built using AJAX to identify security defects.
With Web 2.0 technologies increasingly being used for e-commerce there has been a surge in cybercrime targeting them. Also, with many of the latest technologies still being in their early development stages, there is usually a greater importance given to ease of use and performance rather than security making them even more vulnerable.
Not surprisingly, last year’s IBM X-Force Trend Report said that more than half of all vulnerabilities disclosed in 2008 were web application based.
Brad Arkin, director of the Adobe Secure Software Engineering Team said:
The use of Adobe Flash Platform technologies in the enterprise is increasing, and software such as IBM Rational AppScan can help content creators take a preemptive approach to security. By scanning and testing code for potential issues in the early development stages, companies can help prevent security and compliance problems before they ever happen.
Apparently, the cost of identifying and repairing a software defect in a product that is already being used by consumers can cost upwards of $16,000 for each defect according to the book Applied Software Management by Capers Jones.