Application Security Consulting

A service of IET

IBM AppScan is a dynamic web application security tool that identifies flaws and vulnerabilities in web applications. The Information Security team offers this tool at no charge for campus use.

Along with the tool, the Information Security team created course work to help members of campus learn how to better use the tool.  Staff Development manages the hosting and administrative details of the courses that have been developed. Currently, the Information Security team is in the process of revamping the curriculum for AppScan, and once complete, the curriculum will be hosted with Staff Development again.

Features/Benefits: 
  • Scan web and code applications for vulnerabilities and validate mitigations
  • Automates vulnerability assessments; scans and tests
  • Provides full coverage of the OWASP Top 10 and NIST 800-131a
Get Started: 

To gain access to the tool, please email a request to appscanadmins@ucdavis.edu. In the subject line, write "IT Security: AppScan."

For course registration assistance on AppScan, contact Staff Development and Professional Services at sdps@ucdavis.edu or (530) 752-1766

Please direct other questions to ithelp@ucdavis.edu, and in the subject line, write "IT Security: AppScan."

Availability: 

The tool, AppScan, is available for request M-F, 8 a.m.- 5 p.m. Once a developer has the tool they can use it on their own timeline.

The courses, after updated, will be placed in the Staff Development Course Catalog and be offered cyclically or as the demand requires.

Rates:

For IET rates or service consultation, contact IET’s Business Relationship Management office at:

Additional Information

Learn More: 

More information about this service can be found online.

Policies & Guidelines:

UCDavis Policy 310-22 Exhibit A: Section 5: Personal Information and 16: Web Application Security  

Support Center

IT Express

Contact IT Express

M-F, 7am - 6pm

530-754-HELP (4357)