Comment: Migrated to Confluence 4.0

...

Using application security self-scanning to find and fix vulnerabilities helps ensure that applications are less susceptible to many common attacks. Please note that AppScan can be dangerous if used on production sites and should only be targeted at test or development environments. As an extra precaution, if your application is on a virtual machine, take a snapshot of it before running the scan. Also notify anyone else who might be working on the application that it may be disrupted while the scan runs. What follows is a guide to using IBM's Rational AppScan. If you need assistance or would like the scan to be run for you, please contact Information Security.

What is AppScan? 

IBM's Rational AppScan is an application penetration testing tool used by developers to test the security of their web applications during development and before deployment. AppScan can also be used to scan applications that are already deployed, but it must not be targeted at live production environments. AppScan will spider and crawl any application that it is pointed at, then execute about 5,000 canned security tests against every page that it finds.

...