...
This tool is a "badness-ometer". It will not tell you if your application is good. It will simply tell you if you have really deep security troubles. Developers should still review for accessible sensitive information and other potential holes in an application after running a scan.
,border=1,height=200!
AppScan is a "badness-ometer". After running a scan, you should still test for other potential security issues, such as potential exposure of sensitive information and authentication and access control restrictions.
...
At the start menu of your computer, open "Programs" and then "Remote Desktop Connection." Enter "weber.uit.tufts.edu" as the computer and then click OK. Next authenticate your credentials by clicking "Use Another Account." Enter TUFTS\ and then your UTLN. If you receive a message that says "The identity of the remote computer cannot be verified. Do you want to connect anyway?" select "Yes."
On the desktop of the virtual machine, open IBM Rational AppScan and select "Create New Scan" and then "Regular Scan". This will launch the Configuration Wizard. Select "Web Application Scan."
...