© 2015 IBM Corporation
Integrate Application Security Testing
into your SDLC
Eitan Worcel – IBM
Erez Rokah – IBM
Source: 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute LLC
• Average post-data-breach cost in the US: $1,599,996
• Average lost-business cost in the US: $3,324,959
Agenda
• What is Secure Development Life Cycle?
• Why don’t development teams practice SDLC?
• Can Automated Cloud Security Services be the answer?
• Demo
Secure Development Life Cycle
Software Development Life Cycle phases: Requirements Definition, Design, Coding, Build, QA, Security, Production
Developers vs. Security
DEVELOPERS
• Lack education
• Increased complexity
• “Not my job”
SECURITY
• SDLC bottleneck
• Testing just before release
• Too many apps to test
Security testing within the SDLC (chart: % of issues found per phase, Requirements Definition through Coding, Build, QA, Security and Production)
Most issues are found by security auditors prior to going live.
Reduce Cost by Finding Vulnerabilities Early
Phase in which the defect is found    Cost per defect
Development                           $80
Build                                 $240
QA/Test                               $960
Production                            $7,600
80% of development costs are spent identifying and correcting defects!*
* Source: National Institute of Standards and Technology
Security testing within the SDLC, desired profile (chart: % of issues found per phase, with most issues found during Coding and Build rather than at the pre-release Security stage)
Why don’t development teams practice SDLC?
How can this be solved? Automated Cloud Security Services
“No more pencils, no more books” (“School's Out”, Alice Cooper)
Automated Cloud Security Services to the rescue
Demo: Automated Cloud Security Services to the Rescue
What if I don’t have UrbanCode Deploy? See the project at:
https://hub.jazz.net/project/erezro/Application Security Testing/overview
Try it now!
Get your 30-day AppScan Mobile Analyzer free trial -
https://AppScan.ibmcloud.com
For more information visit our product pages on ibm.com:
• IBM Security AppScan Mobile Analyzer
• IBM Security AppScan Dynamic Analyzer
• Video: Using AppScan Mobile Analyzer
• Video: Identify & Remediate Application Security Vulnerabilities Effectively
Notices and Disclaimers
Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or
transmitted in any form without written permission from IBM.
U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with
IBM.
Information in these presentations (including information relating to products that have not yet been announced by IBM) has been
reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM
shall have no responsibility to update this information. THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY,
EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGE ARISING FROM THE USE OF
THIS INFORMATION, INCLUDING BUT NOT LIMITED TO, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF PROFIT
OR LOSS OF OPPORTUNITY. IBM products and services are warranted according to the terms and conditions of the
agreements under which they are provided.
Any statements regarding IBM's future direction, intent or product plans are subject to change or withdrawal without
notice.
Performance data contained herein was generally obtained in controlled, isolated environments. Customer examples are
presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual
performance, cost, savings or other results in other operating environments may vary.
References in this document to IBM products, programs, or services do not imply that IBM intends to make such products,
programs or services available in all countries in which IBM operates or does business.
Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not
necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither
intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation.
It is the customer’s responsibility to ensure its own compliance with legal requirements and to obtain advice of competent legal
counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s
business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or
represent or warrant that its services or products will ensure that the customer is in compliance with any law.
Notices and Disclaimers (con’t)
Information concerning non-IBM products was obtained from the suppliers of those products, their published
announcements or other publicly available sources. IBM has not tested those products in connection with this
publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM
products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to
interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.
The provision of the information contained herein is not intended to, and does not, grant any right or license under any
IBM patents, copyrights, trademarks or other intellectual property right.
• IBM, the IBM logo, ibm.com, Bluemix, Blueworks Live, CICS, Clearcase, DOORS®, Enterprise Document
Management System™, Global Business Services ®, Global Technology Services ®, Information on Demand,
ILOG, Maximo®, MQIntegrator®, MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™,
PureApplication®, pureCluster™, PureCoverage®, PureData®, PureExperience®, PureFlex®, pureQuery®,
pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, SoDA, SPSS, StoredIQ, Tivoli®, Trusteer®,
urban{code}®, Watson, WebSphere®, Worklight®, X-Force® and System z® Z/OS, are trademarks of
International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and
service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on
the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml.
Thank You
Your Feedback is Important!
Access the InterConnect 2015 Conference CONNECT Attendee Portal to complete your session surveys from your smartphone, laptop or conference kiosk.
Appendix A: How to rescan the same application
To rescan the same application (and stay within the current 30-day free rescan period) you need to supply the scan id of the original scan.
The scan id appears in the output of the UrbanCode plugin or the Ant target that you ran.
Pass that scan id back in the UrbanCode plugin properties or as an attribute of the Ant target. Have the build capture and store it rather than copying it by hand between runs.
Appendix B: Bluemix services login credentials
To use the UrbanCode plugin or the Ant targets with the Bluemix services you need to supply the binding id and password as the login credentials.
You receive the binding id and password after creating an application in Bluemix and binding a service to that application.
Treat them as secrets: keep them in the build server's credential store or environment, not in a build file that is committed to source control.
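Added example, not code from the IBM deck or from the AppScan UrbanCode plugin or Ant targets: a Python build-step wrapper that does what Appendices A and B describe, plus the gate a practitioner would put behind it. It reads the binding id and password from environment variables (APPSCAN_BINDING_ID and APPSCAN_PASSWORD, names chosen here), captures the scan id from the tool's output and stores it so the next build requests a rescan, and fails the build when findings exceed a severity threshold. The "Scan ID:" output line, the findings schema and the fake_runner stand-in for the cloud service are assumptions made for the example; the real plugin output format is not shown on this page.

```python
"""Added example (not from the IBM deck): a build step that drives a cloud
application-scan service of the kind the slides describe.

Assumptions made here, none of which the deck specifies:
  * credentials arrive in APPSCAN_BINDING_ID / APPSCAN_PASSWORD (names chosen for the example);
  * the scan tool prints a line "Scan ID: <id>" (the real plugin/Ant output format is not shown);
  * findings are dicts with an "issue" and a "severity";
  * fake_runner stands in for the real UrbanCode plugin / Ant target call.
"""
import json
import os
import re
import tempfile
from pathlib import Path
from typing import Callable, List, Optional, Tuple

# Assumed output line; adjust the pattern to whatever the real tool prints.
SCAN_ID_RE = re.compile(r"^Scan ID:\s*([A-Za-z0-9-]+)\s*$", re.MULTILINE)

SEVERITY_RANK = {"informational": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}
UNKNOWN_SEVERITY = max(SEVERITY_RANK.values()) + 1  # unrecognised levels fail closed

Runner = Callable[[str, str, Optional[str]], Tuple[str, List[dict]]]


def load_credentials(env=os.environ) -> Tuple[str, str]:
    """Return (binding_id, password) from the environment (Appendix B).
    A missing variable raises instead of falling back to a default, so a
    misconfigured job fails rather than scanning with stale credentials."""
    try:
        return env["APPSCAN_BINDING_ID"], env["APPSCAN_PASSWORD"]
    except KeyError as missing:
        raise RuntimeError(f"missing credential variable {missing}") from None


def extract_scan_id(tool_output: str) -> Optional[str]:
    """Pull the scan id out of the tool's console output (Appendix A)."""
    match = SCAN_ID_RE.search(tool_output)
    return match.group(1) if match else None


def load_previous_scan_id(state_file: Path, app_name: str) -> Optional[str]:
    if not state_file.exists():
        return None
    return json.loads(state_file.read_text()).get(app_name)


def save_scan_id(state_file: Path, app_name: str, scan_id: str) -> None:
    state = json.loads(state_file.read_text()) if state_file.exists() else {}
    state[app_name] = scan_id
    state_file.write_text(json.dumps(state, indent=2))


def violates_gate(findings: List[dict], max_allowed: str = "medium") -> List[dict]:
    """Return the findings whose severity is above the allowed maximum."""
    limit = SEVERITY_RANK[max_allowed]
    return [f for f in findings
            if SEVERITY_RANK.get(f["severity"].lower(), UNKNOWN_SEVERITY) > limit]


def run_security_step(app_name: str, state_file: Path, runner: Runner,
                      env=os.environ, max_allowed: str = "medium") -> dict:
    """One build step: scan (or rescan), persist the scan id, gate the build.
    `runner(binding_id, password, previous_scan_id)` returns (console_output, findings)."""
    binding_id, password = load_credentials(env)
    previous = load_previous_scan_id(state_file, app_name)
    output, findings = runner(binding_id, password, previous)
    scan_id = extract_scan_id(output)
    if scan_id is None:
        raise RuntimeError("scan tool did not report a scan id; a later rescan would be impossible")
    save_scan_id(state_file, app_name, scan_id)
    return {"scan_id": scan_id, "rescan": previous is not None,
            "blocking": violates_gate(findings, max_allowed)}


def fake_runner(binding_id: str, password: str, previous_scan_id: Optional[str]):
    """Constructed stand-in for the cloud service: echoes the id it was given
    (a rescan) or mints one (a new scan) and returns two sample findings."""
    scan_id = previous_scan_id or "scan-0001"
    output = f"Submitting application...\nScan ID: {scan_id}\nDone.\n"
    findings = [
        {"issue": "Reflected XSS in /search", "severity": "High"},
        {"issue": "Cookie without HttpOnly flag", "severity": "Low"},
    ]
    return output, findings


def demo_two_builds() -> Tuple[dict, dict]:
    """Run the step twice: the first build creates a scan, the second rescans it."""
    env = {"APPSCAN_BINDING_ID": "demo-binding", "APPSCAN_PASSWORD": "demo-secret"}
    state_file = Path(tempfile.mkdtemp()) / "scan-state.json"
    first = run_security_step("shop-app", state_file, fake_runner, env)
    second = run_security_step("shop-app", state_file, fake_runner, env)
    return first, second


if __name__ == "__main__":
    for result in demo_two_builds():
        status = "FAIL" if result["blocking"] else "PASS"
        print(status, result)
```

The runner argument is where the real UrbanCode plugin or Ant invocation would go. On a build server the two environment variables come from the job's credential store, and the state file lives in the job's workspace (or a shared store when several agents build the same application), which is what keeps the rescan id from being lost between runs.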

More Related Content

What's hot

Sap guided workflow in ibm bpm
Sap guided workflow in ibm bpmSap guided workflow in ibm bpm
Sap guided workflow in ibm bpm
sflynn073
 
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
Karen He
 

What's hot (19)

IC6284A - The Art of Choosing the Best Cloud Solution
IC6284A - The Art of Choosing the Best Cloud SolutionIC6284A - The Art of Choosing the Best Cloud Solution
IC6284A - The Art of Choosing the Best Cloud Solution
 
2829 liberty
2829 liberty2829 liberty
2829 liberty
 
IBM UrbanCode Deploy and VMware Integrated OpenStack
IBM UrbanCode Deploy and VMware Integrated OpenStackIBM UrbanCode Deploy and VMware Integrated OpenStack
IBM UrbanCode Deploy and VMware Integrated OpenStack
 
Why z/OS is a great platform for developing and hosting APIs
Why z/OS is a great platform for developing and hosting APIsWhy z/OS is a great platform for developing and hosting APIs
Why z/OS is a great platform for developing and hosting APIs
 
Complete Solutions in ECM using IBM, Internal and Third Party, Custom Components
Complete Solutions in ECM using IBM, Internal and Third Party, Custom ComponentsComplete Solutions in ECM using IBM, Internal and Third Party, Custom Components
Complete Solutions in ECM using IBM, Internal and Third Party, Custom Components
 
Cognitive Connections Architectures, Use Cases and Code
Cognitive Connections Architectures, Use Cases and CodeCognitive Connections Architectures, Use Cases and Code
Cognitive Connections Architectures, Use Cases and Code
 
4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...
 
DESY's new data taking and analysis infrastructure for PETRA III
DESY's new data taking and analysis infrastructure for PETRA IIIDESY's new data taking and analysis infrastructure for PETRA III
DESY's new data taking and analysis infrastructure for PETRA III
 
IT Roadmap Atlanta Deliver on your innovation goals with IBM Bluemix
IT Roadmap Atlanta Deliver on your innovation goals with IBM BluemixIT Roadmap Atlanta Deliver on your innovation goals with IBM Bluemix
IT Roadmap Atlanta Deliver on your innovation goals with IBM Bluemix
 
TI 1641 - delivering enterprise software at the speed of cloud
TI 1641 - delivering enterprise software at the speed of cloudTI 1641 - delivering enterprise software at the speed of cloud
TI 1641 - delivering enterprise software at the speed of cloud
 
WOW2016_3963
WOW2016_3963WOW2016_3963
WOW2016_3963
 
World of Watson Ask Me Anything About IoT
World of Watson Ask Me Anything About IoTWorld of Watson Ask Me Anything About IoT
World of Watson Ask Me Anything About IoT
 
Big Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF APIBig Data with Graph, IBM Domino, and the OpenNTF API
Big Data with Graph, IBM Domino, and the OpenNTF API
 
Sap guided workflow in ibm bpm
Sap guided workflow in ibm bpmSap guided workflow in ibm bpm
Sap guided workflow in ibm bpm
 
10.8.2013 Continuous Delivery - Mobile Applications
10.8.2013 Continuous Delivery - Mobile Applications10.8.2013 Continuous Delivery - Mobile Applications
10.8.2013 Continuous Delivery - Mobile Applications
 
Tip from ConnectED 2015: Mobile security roundup
Tip from ConnectED 2015: Mobile security roundupTip from ConnectED 2015: Mobile security roundup
Tip from ConnectED 2015: Mobile security roundup
 
NRB - LUXEMBOURG MAINFRAME DAY 2017 - z platform - Strategy
NRB - LUXEMBOURG MAINFRAME DAY 2017 - z platform - StrategyNRB - LUXEMBOURG MAINFRAME DAY 2017 - z platform - Strategy
NRB - LUXEMBOURG MAINFRAME DAY 2017 - z platform - Strategy
 
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
MOB-1298_How to Harness Human Data and Insights to Develop Better Mobile Expe...
 
Big Data With Graphs
Big Data With GraphsBig Data With Graphs
Big Data With Graphs
 

Similar to Integrate Application Security Testing into your SDLC

Fernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajar
Fernando M. Imperiale
 
Defining managing & publishing ap is in the cloud saa-s
Defining managing & publishing ap is in the cloud   saa-sDefining managing & publishing ap is in the cloud   saa-s
Defining managing & publishing ap is in the cloud saa-s
sflynn073
 
SAP guided workflow in IBM BPM
SAP guided workflow in IBM BPMSAP guided workflow in IBM BPM
SAP guided workflow in IBM BPM
sflynn073
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
sflynn073
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
sflynn073
 

Similar to Integrate Application Security Testing into your SDLC (20)

DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467	Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...DMT-2467	Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
DMT-2467 Like the Features in Rational DOORS 9? Come Check Them Out in DOORS...
 
4515 Modernize your CICS applications for Mobile and Cloud
4515 Modernize your CICS applications for Mobile and Cloud4515 Modernize your CICS applications for Mobile and Cloud
4515 Modernize your CICS applications for Mobile and Cloud
 
OpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOpsOpenTechSummit InterConnect2015 DevOps
OpenTechSummit InterConnect2015 DevOps
 
Capgemini Connected Car Demo Using IBM Internet of Things Foundation on Bluemix
Capgemini Connected Car Demo Using IBM Internet of Things Foundation on BluemixCapgemini Connected Car Demo Using IBM Internet of Things Foundation on Bluemix
Capgemini Connected Car Demo Using IBM Internet of Things Foundation on Bluemix
 
App infrastructure &_integration_keynote_final
App infrastructure &_integration_keynote_finalApp infrastructure &_integration_keynote_final
App infrastructure &_integration_keynote_final
 
Fernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajarFernando Imperiale - Una aguja en el pajar
Fernando Imperiale - Una aguja en el pajar
 
Scalable, Available and Reliable Cloud Applications with PaaS and Microservices
Scalable, Available and Reliable Cloud Applications with PaaS and MicroservicesScalable, Available and Reliable Cloud Applications with PaaS and Microservices
Scalable, Available and Reliable Cloud Applications with PaaS and Microservices
 
Witness the Evolution of Teamwork
Witness the Evolution of TeamworkWitness the Evolution of Teamwork
Witness the Evolution of Teamwork
 
Defining managing & publishing ap is in the cloud saa-s
Defining managing & publishing ap is in the cloud   saa-sDefining managing & publishing ap is in the cloud   saa-s
Defining managing & publishing ap is in the cloud saa-s
 
IBM Design Thinking + Agile + DevOps Interconnect 2017
IBM Design Thinking + Agile + DevOps Interconnect 2017IBM Design Thinking + Agile + DevOps Interconnect 2017
IBM Design Thinking + Agile + DevOps Interconnect 2017
 
SAP guided workflow in IBM BPM
SAP guided workflow in IBM BPMSAP guided workflow in IBM BPM
SAP guided workflow in IBM BPM
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
 
Think 2018 - MicroProfile OpenAPI
Think 2018  - MicroProfile OpenAPIThink 2018  - MicroProfile OpenAPI
Think 2018 - MicroProfile OpenAPI
 
Drone Payloader using a Servo and a Raspberry Pi
Drone Payloader using a Servo and a Raspberry Pi Drone Payloader using a Servo and a Raspberry Pi
Drone Payloader using a Servo and a Raspberry Pi
 
Aligning the Fast & the Slow: The Reality of Multi-Speed IT
Aligning the Fast & the Slow: The Reality of Multi-Speed ITAligning the Fast & the Slow: The Reality of Multi-Speed IT
Aligning the Fast & the Slow: The Reality of Multi-Speed IT
 
2449 rapid prototyping of innovative io t solutions
2449   rapid prototyping of innovative io t solutions2449   rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutions
 
BP205: There’s an API for that! Why and how to build on the IBM Connections P...
BP205: There’s an API for that! Why and how to build on the IBM Connections P...BP205: There’s an API for that! Why and how to build on the IBM Connections P...
BP205: There’s an API for that! Why and how to build on the IBM Connections P...
 
Build cognitive Apps that help enhance, scale and accelerate Human Expertise
Build cognitive Apps that help enhance, scale and accelerate Human ExpertiseBuild cognitive Apps that help enhance, scale and accelerate Human Expertise
Build cognitive Apps that help enhance, scale and accelerate Human Expertise
 
Ibm apim
Ibm apimIbm apim
Ibm apim
 

More from IBM Security

Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 

More from IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 

Recently uploaded

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Integrate Application Security Testing into your SDLC

  • 1. © 2015 IBM Corporation Integrate Application Security Testing into your SDLC Eitan Worcel – IBM Erez Rokah – IBM
  • 2. Source: 2014 Cost of Data Breach Study: Global Analysis Ponemon Institute LLC $1,599,996 Average post data breach cost in the US $3,324,959 Average lost business costs in the U.S.
  • 3. Agenda • What is Secure Development Life Cycle? • Why don’t development teams practice SDLC? • Can Automated Cloud Security Services be the answer? • Demo
  • 5. Software Development Life Cycle Requirements Definition Design Coding Build QA Security Production
  • 6. Coding Build QA Security Production Developers vs. Security DEVELOPERS Lack education Increased complexity “Not my job” SECURITY SDLC bottleneck Testing just before release Too many apps to test
  • 7. Most Issues are found by security auditors prior to going live. %ofIssuesFound Security testing within the SDLC Requirements Definition Coding Build QA Security Production
  • 8. Coding Build QA Security Production Reduce Cost by Finding Vulnerabilities Early Find during Development $80/defect Find during Build $240/defect Find during QA/Test $960/defect Find in Production $7,600 / defect 80% of development costs are spent identifying and correcting defects!* * Source: National Institute of Standards and Technology
  • 9. Coding Build QA Security Production Desired profile %ofIssuesFound Security testing within the SDLC
  • 11. Why don’t development teams practice SDLC?
  • 12. Why development teams don’t practice SDLC?
  • 13. Why development teams don’t practice SDLC?
  • 14. Why development teams don’t practice SDLC?
  • 15.
  • 16. How can this be solved?
  • 18.
  • 19.
  • 20. No more pencils No more books ”School's Out” Alice Cooper
  • 21. Automatic Cloud Security Services to the rescue
  • 22.
  • 23. Demo Automated Cloud Security Services to the Rescue
  • 24. What if I don’t have UrbanCode Deploy? Automated Cloud Security Services to the Rescue https://hub.jazz.net/project/erezro/Application Security Testing/overview
  • 25. Try it now! Get your 30-day AppScan Mobile Analyzer free trial - https://AppScan.ibmcloud.com For more information visit our product pages on ibm.com: • IBM Security AppScan Mobile Analyzer • IBM Security AppScan Dynamic Analyzer • Video: Using AppScan Mobile Analyzer • Video: Identify & Remediate Application Security Vulnerabilities Effectively
  • 26. Notices and Disclaimers Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS DOCUMENT IS DISTRIBUTED "AS IS" WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IN NO EVENT SHALL IBM BE LIABLE FOR ANY DAMAGE ARISING FROM THE USE OF THIS INFORMATION, INCLUDING BUT NOT LIMITED TO, LOSS OF DATA, BUSINESS INTERRUPTION, LOSS OF PROFIT OR LOSS OF OPPORTUNITY. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM's future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services do not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM.
All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to ensure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law.
  • 27. Notices and Disclaimers (cont’d) Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right.
• IBM, the IBM logo, ibm.com, Bluemix, Blueworks Live, CICS, Clearcase, DOORS®, Enterprise Document Management System™, Global Business Services®, Global Technology Services®, Information on Demand, ILOG, Maximo®, MQIntegrator®, MQSeries®, Netcool®, OMEGAMON, OpenPower, PureAnalytics™, PureApplication®, pureCluster™, PureCoverage®, PureData®, PureExperience®, PureFlex®, pureQuery®, pureScale®, PureSystems®, QRadar®, Rational®, Rhapsody®, SoDA, SPSS, StoredIQ, Tivoli®, Trusteer®, urban{code}®, Watson, WebSphere®, Worklight®, X-Force®, System z® and z/OS are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at: www.ibm.com/legal/copytrade.shtml.
  • 28. Thank You Your Feedback is Important! Access the InterConnect 2015 Conference CONNECT Attendee Portal to complete your session surveys from your smartphone, laptop or conference kiosk.
  • 29. Appendix A: How to rescan the same application? In order to rescan the same application (and use the current 30-day free rescan period) you need to supply the scan id of the original scan. You can extract the original scan id from the output of the UrbanCode plugin or the Ant target that you ran. Then supply this scan id in the UrbanCode plugin properties or as an attribute of the Ant target.
  • 30. Appendix B: Bluemix services login credentials. In order to use the UrbanCode plugin or the Ant targets for Bluemix services you need to supply the binding id and password as the login credentials. You receive the binding id and password after creating an application in Bluemix and binding a service to that application.
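As an added example that is not IBM's code and not the actual plugin or Ant interface, the wrapper below ties Appendix A and Appendix B together: it takes the binding id and password from the environment, hands them to Ant through a temporary, owner-only property file instead of the command line, and saves the scan id from the scan output so the next run is a rescan. The target name appscan-scan, the property names binding.id, binding.password and scan.id, and the "Scan ID:" output line are assumptions to replace with what your plugin or Ant target documents.

```shell
#!/bin/sh
# Added example, not IBM's code. Target "appscan-scan" and the property names
# (binding.id, binding.password, scan.id) are ASSUMPTIONS; substitute the names
# your UrbanCode plugin or Ant target actually documents.
SCAN_ID_FILE="${SCAN_ID_FILE:-.appscan-scan-id}"

# Print the scan id found in scan output. Constructed format assumed: a line
# such as "Scan ID: <id>"; adapt the pattern to the real output.
extract_scan_id() {
    sed -n 's/^Scan ID:[[:space:]]*\([A-Za-z0-9_-]*\).*/\1/p' | head -n 1
}

# Write Ant properties to $1. Credentials come from the environment, not from
# build.xml or the command line (visible in `ps`); the saved scan id, when
# present, turns the run into a rescan within the free-rescan window.
write_property_file() {
    out="$1"
    if [ -z "$BLUEMIX_BINDING_ID" ] || [ -z "$BLUEMIX_BINDING_PASSWORD" ]; then
        echo "BLUEMIX_BINDING_ID and BLUEMIX_BINDING_PASSWORD must be set" >&2
        return 1
    fi
    ( umask 077; : > "$out" ) || return 1          # owner-readable only
    {
        printf 'binding.id=%s\n' "$BLUEMIX_BINDING_ID"
        printf 'binding.password=%s\n' "$BLUEMIX_BINDING_PASSWORD"
        if [ -s "$SCAN_ID_FILE" ]; then
            printf 'scan.id=%s\n' "$(cat "$SCAN_ID_FILE")"
        fi
    } >> "$out"
}

# Run the scan (or rescan), remove the secrets file, persist the new scan id.
run_scan() {
    props="$(mktemp)" || return 1
    write_property_file "$props" || { rm -f "$props"; return 1; }
    ant -propertyfile "$props" appscan-scan | tee scan.log
    rm -f "$props"                                  # never leave secrets on disk
    id="$(extract_scan_id < scan.log)"
    if [ -n "$id" ]; then printf '%s\n' "$id" > "$SCAN_ID_FILE"; fi
}
```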