Abstract
With heightened public awareness of security issues and the inherent security risks within Web services environments, enterprises are under pressure to protect sensitive data and develop applications that are secure from inception through implementation. AppScan DE is the only automated testing tool integrated within the developer's standard workflow that simplifies security unit testing through automation, empowering developers to create quality applications that are secure from inception. AppScan DE redefines quality by enhancing current functionality and performance requirements with security. Available as a plug-in for major Java IDEs, as well as fully integrated into Microsoft Visual Studio .NET 2003 as a project, AppScan DE delivers comprehensive defect analysis with built-in application intelligence. With automated precision script creation, AppScan DE enables reliable and repeatable security unit testing, and encourages real-time training on security testing and secure coding techniques for developers. By reducing development cycles and associated downtime of security defects, AppScan DE means applications are deployed faster, at a lower cost, helping enterprises dramatically improve overall QA and development resources.
This demonstration will highlight key features of AppScan DE 1.7 including:
* Native Plug-In: tests applications built in both Java/J2EE and Microsoft environments, including JBuilder 8 and 9, Visual Studio 6.0, WebSphere Studio Application Developer 5.0, and Eclipse IDE 2.0/2.1. Uses IDE-specific user interfaces to configure and launch AppScan security testing from within the major IDEs.
* Integration with Microsoft Visual Studio .NET 2003: AppScan DE is seamlessly integrated into Visual Studio .NET and Visual Studio .NET 2003, allowing users to stay within the IDE without disruption or disjointed processes. It tests applications built with all languages supported by Visual Studio .NET, including Microsoft(R) Visual C#(TM) .NET, Microsoft(R) Visual C++(TM) .NET, Microsoft(R) Visual Basic(R) .NET, and Microsoft(R) Visual J#(TM) .NET.
* Multiple Test Modes: customizable configuration settings enable efficient security testing as part of the development cycle.
* Multiple Language Support: a single-click scan automatically tests Web applications written in any language supported by the IDE used to develop them, including C#, C++, VB, Java, EJB, HTML, etc., and is compatible with both J2EE and .NET environments.
* Real-Time Analysis: provides analysis and specific code examples for fix recommendations in real time, in-line with the development process. Users can configure test runs simply and quickly with automatic navigation to affected files. The results are date and time stamped and stored logically for quick and easy access.
* 'Developer Centric' Results and Recommendations: analytical tools simplify communicating results with developers, enabling users to view test results and HTTP request details to easily edit and configure reports. Developer-specific vulnerability advisories provide specific fix recommendations and sample code for both .NET and Java environments.
Keywords
Since this was a product presentation, no paper was prepared for the proceedings.