The AppSec How-To: Choosing a SAST Tool
|
|
- Percival Miles
- 8 years ago
- Views:
Transcription
1 The AppSec Hw-T: Chsing a SAST Tl Surce Cde Analysis Made Easy GIVEN THE WIDE RANGE OF SOURCE CODE ANALYSIS TOOLS, SECURITY PROFESSIONALS, AUDITORS AND DEVELOPERS ALIKE ARE FACED WITH THE QUESTION: Hw t assess a Static Applicatin Security Testing (SAST) tl fr deplyment? Chsing the right tl requires different cnsideratins during each stage f the SAST tl evaluatin prcess. Evaluatin Preparatin The fllwing qualifiers are required prir t testing the SAST tl in rder t set initial expectatins: 1. List f languages. Ensure that the SAST tl supprts the languages in the develpment envirnment. 2. Access t surce and binary files. Sme SAST tls run nly n the surce cde files (pre-cmpilatin scanning), while thers run n the binaries (pst-cmpilatin scanning). As ppsed t scanning n the surce cde, pst-cmpilatin scanning requires all prject dependences in rder t run the scan. 3. Deplyment. Cnfirm the SAST tl supprts the preferred mde f peratin - n premise r n-demand. 4. Parties within the rganizatin respnsible fr cde security. Define hw cde security is managed within the rganizatin. Fr example, ne rganizatin might prefer having a dedicated team such as cde auditrs r an applicatin security team which prvides the security services t the rganizatin. While anther rganizatin might decide that each develpment team has an individual respnsible fr the security. Each f these management mdels influences the SAST tl architectural setup- including licenses, deplyment and tl s usage. 1
2 Surce Cde Analysis Made Easy STAGE 1 Installatin Ease f installatin during this step includes: 1. Resurces. Evaluate whether installatin f the SAST tl is manual r autmated. If manual, cnsider whether installatin requires specialized knwledge as well as the number f installatin man-hurs. 2. Scalability. Client sftware installatin requires develper dwn-time during installatin and additinal installatin time per endpint. A centrally-managed installatin is a ne-time nly prcess where additinal servers can be added withut the need fr system duplicatin. 3. Licenses. Sme licensing schemes are distributed where each endpint requires its wn license. In ther cases, the license is centrally-managed and is n a per-user basis, eliminating the need fr multiple licenses. STAGE 2 Set-up Tw measuring factrs need t be cnsidered: 1. Effrt and cmplexity Simplicity. Scanning verhead shuld be kept t a minimum. Scanning surce cde shuld nt require the user t perfrm excessive peratins t start running the tl. Scaling t ther languages. Adding a new language shuld be seamless t the envirnment and shuld nt entail a new scanning setup t supprt the language. 2. Time Scanning regardless f the SAST tl - takes time. The pint here is t cnsider the SAST features, r the different scanning methds, that the SAST tl prvides t speed up the scanning prcess. Fr example, being able t scan prtins f the cde is particularly helpful when there are lts f develpers and cde t scan. 2
3 STAGE 3 Scan capabilities Surce Cde Analysis Made Easy Scanning capabilities include: 1. Range f supprted languages. The SAST tl shuld nt merely supprt the current develpment languages (as specified when qualifying the tl). It shuld als supprt emerging technlgies as these may prve t be significant in the lng run. Fr example, mbile r updated develpment languages (e.g Andrid, Objective C, Ruby n Rails). 2. Range f supprted framewrks. Supprting the develpment s framewrk allws the SAST tl t identify cding vulnerabilities, as well as t eliminate any false reprting that results frm nt recgnizing the framewrk. 3. Multiple scans. The ability t run simultaneus scans r supprt multi-chaining, multi-threading r multi-cre prcessing envirnments. 4. Vulnerability cverage. There are different classes f vulnerabilities that the SAST tl shuld address: Technical security vulnerabilities. Detectin f cmmn vulnerabilities as identified by different industry standards such as OWASP Tp 10, SANS and CWE. Since the vulnerability taxnmy and ratings differ by each SAST vendr, it is necessary t receive frm each SAST vendr their list and nrmalize them ne against the ther fr a true vulnerability cverage cmparisn. Business lgic flaws. These include authenticatin by-passing mechanisms, as well as backdrs in the applicatin. Best cding practices. Fr example, errr handling, elements usage and race cnditins. 5. Result accuracy. T ensure the accuracy f the results, the tl shuld scan and its utput cmpared against a test applicatin fr which the results are knwn a-priri. One such cmmn test bed is OWASP s WebGat prject. Hwever, the real test shuld be against an in-huse applicatin- unknwn t the tl t prevent the tl frm being tuned in advanced t the testing envirnment. Result accuracy is measured by: Amunt f True Psitives (TPs). The percentage f results that have been crrectly identified as actual vulnerabilities. Amunt f False Psitives (FPs). Althugh there is n such SAST tl tday that will utput a ttally FP-free scan, the ideal is t achieve a minimal amunt up until a handful f these. 6. Custmizability. The ability t adapt the scan results t the specific sftware framewrks and business lgic f the rganizatin. Each rganizatin uses its' wn framewrk fr accessing databases and sanitizing input data and s the SAST tl must be custmizable t the prprietary cde. This capability als eliminates false psitives that ccur due t the custm cde and the rganizatin s business lgic. 3
4 Surce Cde Analysis Made Easy 7. Ability t aggregate scans. Aggregatin allws all the scans f the prject t be displayed as a whle. STAGE 4 Results Management Scan results need t be presented in a clear manner t enable cnvenient and quick fixing. 1. Results analysis and management tls. Results analysis shuld prvide the user with the relevant security intelligence and tls t remediate flaws in virtually zer-time. Vulnerability flw. Visibility int the cde flw dwn t the exact line f the vulnerable cde helps develpers t understand the vulnerability flw and its meaning. Best fix lcatins. Optimal vulnerability remediatin can be presented in textual r visual frmats. Fr example, the ability t pinpint the precise vulnerability which- if fixed-eliminates all vulnerabilities that depend n that particular cde flaw. Tagging and filtering capabilities. Users shuld be able t grup results accrding t plicies, and priritize results frm highly imprtant t un-explitable. Further, the tls shuld prvide the ability t filter ut results as in the case f a test directry. Ability t track prjects. The scan tl shuld be able t keep the status f vulnerabilities between scans fr tracking purpses. Scan cmparisn. The SAST tl shuld enable the cmparisn f results frm ne scan t anther t mnitr the state f vulnerabilities. 2. Reprts. The tl shuld prvide multiple layers f reprting. Dashbard. Prvides a typical executive summary sectin with a high-level verview f the state f the applicatin s cde. Reprts per plicy. The ability t cnfigure a reprt t present nly relevant infrmatin. Fr example, PCI. STAGE 5 Integratin int the SDLC There are bth lgical and technlgical aspects when integrating surce cde analysis within the Sftware Develpment Life Cycle (SDLC): 1. SDLC mdel. Measurements include: Early-stage scanning. Scanning early supprts SDLC s fundamental cncept f fixing cde flaws including security vulnerabilities - as early as pssible within the develpment prcess. Varius SAST tls prvide the ability t scan cde prir t cde cmpilatin, r befre the cde s check-in. 4
5 Surce Cde Analysis Made Easy Supprt fr secure Agile develpment and Cntinuus Deplyment envirnments. Agile and Cntinuus Deplyment (aka DevOps) mandate that scanning must be dne within minutes, and cannt tlerate any latency due t excessive prcessing, scanning verhead and fixing. Accrdingly, the SAST tl shuld enable the develpers t perfrm ad-hc scanning frm within their develpment envirnments. Rescanning. Rescanning a prject shuld nt require the redundant scanning f files previusly analyzed. Fr example, SAST tls with incremental scanning features scan nly the cde and its dependencies that were mdified frm the previus scan. 2. SDLC tls. The SAST tl shuld be able t incrprate, as-if naturally, within the enterprise systems withut requiring extra tuning r cnfiguratin. The pint here is nt nly t save develper time but als making security part f the develpment prcess. Suggested integratin pints include: Develpment envirnment. The SAST tl needs t seamlessly fit int the develpment envirnment regardless f language and cmpiler versins. This als includes integratin within the IDE-develpment tl (e.g. Visual Studi, Eclipse, IntelliJ). Build management tls. e.g. TeamCity, Bamb, Jenkins, Maven and Ant. Surce-cde repsitries. e.g. GIT, SVN, TFS, Mercurial, ClearCase. Several SAST tls can run within the surce cde repsitry, withut even requiring a build management system. Bug-tracking system. The SAST tl shuld be able t inject results f the scan int bug tracking systems t priritize vulnerability fixing accrding t release schedule, time t fix, vulnerability impact, and hw it fits with ther tasks. STAGE 6 Respnsiveness and Supprt f Vendr Last but nt least, a SAST purchase is an nging prcess. Just like any tl, there may be questins regarding its usage, best practices and f curse, custmizability aspects. Cnsider the fllwing services frm the vendr: - Implementatin f custmized SAST queries (aka rules) and plicies fr yur prprietary cde - Engineer supprt and training fr the SAST tl users - Accunt manager t accmpany yur rganizatin thrughut the lifetime f the SAST tl - Availability and respnsiveness t inquiries thrughut the lifetime f the SAST tl 5
Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch
More informationSystem Business Continuity Classification
Business Cntinuity Prcedures Business Impact Analysis (BIA) System Recvery Prcedures (SRP) System Business Cntinuity Classificatin Cre Infrastructure Criticality Levels Critical High Medium Lw Required
More informationThe Importance Advanced Data Collection System Maintenance. Berry Drijsen Global Service Business Manager. knowledge to shape your future
The Imprtance Advanced Data Cllectin System Maintenance Berry Drijsen Glbal Service Business Manager WHITE PAPER knwledge t shape yur future The Imprtance Advanced Data Cllectin System Maintenance Cntents
More informationSystem Business Continuity Classification
System Business Cntinuity Classificatin Business Cntinuity Prcedures Infrmatin System Cntingency Plan (ISCP) Business Impact Analysis (BIA) System Recvery Prcedures (SRP) Cre Infrastructure Criticality
More information1)What hardware is available for installing/configuring MOSS 2010?
1)What hardware is available fr installing/cnfiguring MOSS 2010? 2 Web Frnt End Servers HP Prliant DL 380 G7 2 quad cre Intel Xen Prcessr E5620, 2.4 Ghz, Memry 12 GB, 2 HP 146 GB drives RAID 5 2 Applicatin
More informationCase Study Best mcommerce marketplace system
Case Study Best mcmmerce marketplace system www.brainvire.cm 2015 Brainvire Inftech Pvt. Ltd Page 1 f 1 Client Requirement The client is ne f the mst experienced merchandize selling cmpany wners wh has
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationWEB APPLICATION SECURITY TESTING
WEB APPLICATION SECURITY TESTING Cpyright 2012 ps_testware 1/7 Intrductin Nwadays every rganizatin faces the threat f attacks n web applicatins. Research shws that mre than half f all data breaches are
More informationVulnerability Management:
Vulnerability Management: Creating a Prcess fr Results Kyle Snavely Veris Grup, LLC Summary Organizatins increasingly rely n vulnerability scanning t identify risks and fllw up with remediatin f thse risks.
More informationIntegrating With incontact dbprovider & Screen Pops
Integrating With incntact dbprvider & Screen Pps incntact has tw primary pints f integratin. The first pint is between the incntact IVR (script) platfrm and the custmer s crprate database. The secnd pint
More informationCOE: Hybrid Course Request for Proposals. The goals of the College of Education Hybrid Course Funding Program are:
COE: Hybrid Curse Request fr Prpsals The gals f the Cllege f Educatin Hybrid Curse Funding Prgram are: T supprt the develpment f effective, high-quality instructin that meets the needs and expectatins
More informationHave some knowledge of how queries execute. Must be able to read a query execution plan and understand what is happening.
Curse 2786B: Designing a Micrsft SQL Server 2005 Infrastructure Abut this Curse This tw-day instructr-led curse prvides database administratrs wrking in enterprise envirnments with the knwledge and skills
More informationCopyright 2013, SafeNet, Inc. All rights reserved. http://www.safenet-inc.com/ We have attempted to make these documents complete, accurate, and
ii Cpyright 2013, SafeNet, Inc. All rights reserved. http://www.safenet-inc.cm/ We have attempted t make these dcuments cmplete, accurate, and useful, but we cannt guarantee them t be perfect. When we
More informationATL: Atlas Transformation Language. ATL Installation Guide
ATL: Atlas Transfrmatin Language ATL Installatin Guide - versin 0.1 - Nvember 2005 by ATLAS grup LINA & INRIA Nantes Cntent 1 Intrductin... 3 2 Installing ADT frm binaries... 3 2.1 Installing Eclipse and
More informationConfiguring BMC AREA LDAP Using AD domain credentials for the BMC Windows User Tool
Cnfiguring BMC AREA LDAP Using AD dmain credentials fr the BMC Windws User Tl Versin 1.0 Cnfiguring the BMC AREA LDAP Plugin fr Dmain Username and Passwrds Intrductin...3 LDAP Basics...4 What is LDAP and
More informationLegacy EMR Data Conversions
Legacy EMR Data Cnversins Agenda Abut us Drivers fr EMR Replacement Things t Cnsider Tp 5 Reasns EMR Cnversins Fail Optins fr Legacy EMR Cnversin Case Study Abut Us Health efrmatics is a healthcare IT
More informationPort Manager. Microsoft Dynamics CRM for Ports
Prt Manager Micrsft Dynamics CRM fr Prts February 2015 Overview Celedn Partners Prt Manager encapsulates the functinality f many prt related prcesses int an easy t learn and easy t use tl. The slutin leverages
More informationStandards and Procedures for Approved Master's Seminar Paper or Educational Project University of Wisconsin-Platteville Requirements
Standards and Prcedures fr Apprved Master's Seminar Paper r Educatinal Prject University f Wiscnsin-Platteville Requirements Guidelines Apprved by the Graduate Cuncil University f Wiscnsin-Platteville
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationGetting Started Guide
AnswerDash Resurces http://answerdash.cm Cntextual help fr sales and supprt Getting Started Guide AnswerDash is cmmitted t helping yu achieve yur larger business gals. The utlined pre-launch cnsideratins
More informationThe user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures.
Learn Basic Single Sign-On Authenticatin Tale s Basic SSO applicatin grants Learn access t users withut requiring that they enter authenticatin lgin credentials (username and passwrd). The access pint
More informationMANAGED VULNERABILITY SCANNING
Abut SensePst SensePst is an independent and bjective rganisatin specialising in infrmatin security cnsulting, training, security assessment services and IT Vulnerability Management. SensePst is abut security.
More informationDisk Redundancy (RAID)
A Primer fr Business Dvana s Primers fr Business series are a set f shrt papers r guides intended fr business decisin makers, wh feel they are being bmbarded with terms and want t understand a cmplex tpic.
More informationALM in the Cloud an Overview of Oracle Developer Cloud Service. Introduction. By Dana Singleterry
ALM in the Clud an Overview f Oracle Develper Clud Service Intrductin By Dana Singleterry In recent years the wrld f applicatin develpment has adpted new methdlgies that aim t imprve the quality and speed
More informationIntegrate Marketing Automation, Lead Management and CRM
Clsing the Lp: Integrate Marketing Autmatin, Lead Management and CRM Circular thinking fr marketers 1 (866) 372-9431 www.clickpintsftware.cm Clsing the Lp: Integrate Marketing Autmatin, Lead Management
More informationMobile Device Manager Admin Guide. Reports and Alerts
Mbile Device Manager Admin Guide Reprts and Alerts September, 2013 MDM Admin Guide Reprts and Alerts i Cntents Reprts and Alerts... 1 Reprts... 1 Alerts... 3 Viewing Alerts... 5 Keep in Mind...... 5 Overview
More informationNC3A SOA Techwatch Day Call for Presentations
NC3A SOA Techwatch Day Call fr Presentatins 1 February 2012 Hsted at NATO C3 Agency, The Hague, The Netherlands By NC3A Chief Technlgy Office (CTO) David Burtn Chief Technlgy fficer Versin 1, 1 December
More information2. When logging is used, which severity level indicates that a device is unusable?
Last updated by Admin at March 3, 2015. 1. What are the mst cmmn syslg messages? thse that ccur when a packet matches a parameter cnditin in an access cntrl list link up and link dwn messages utput messages
More informationUsing PayPal Website Payments Pro UK with ProductCart
Using PayPal Website Payments Pr UK with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 2 What is Website Payments Pr?... 2 Website Payments Pr and Website Payments Standard...
More informationMobile Workforce. Improving Productivity, Improving Profitability
Mbile Wrkfrce Imprving Prductivity, Imprving Prfitability White Paper The Business Challenge Between increasing peratinal cst, staff turnver, budget cnstraints and pressure t deliver prducts and services
More informationBusiness Intelligence and DataWarehouse workshop
Business Intelligence and DataWarehuse wrkshp Benefits: Enables the Final year BE student/ Junir IT prfessinals t get a perfect blend f thery and practice n Business Intelligence and Data warehuse s as
More informationOakland Unified School District Impact Assessment Performance Management in Action
Oakland Unified Schl District Impact Assessment Perfrmance Management in Actin The perfrmance management system that has been built in this district prvides the systems that supprt ur cmmitment t scial
More informationAvePoint Privacy Impact Assessment 1
AvePint Privacy Impact Assessment 1 User Guide Cumulative Update 2 Revisin E Issued February 2015 Table f Cntents Table f Cntents... 2 Abut AvePint Privacy Impact Assessment... 5 Submitting Dcumentatin
More informationCreating automated reports using VBS AN 44
Creating autmated reprts using VBS AN 44 Applicatin Nte t the KLIPPEL R&D and QC SYSTEM Publishing measured results is imprtant t custmers and clients. While the KLIPPEL database cntains all infrmatin
More informationITIL Release Control & Validation (RCV) Certification Program - 5 Days
ITIL Release Cntrl & Validatin (RCV) Certificatin Prgram - 5 Days Prgram Overview ITIL is a set f best practices guidance that has becme a wrldwide-adpted framewrk fr Infrmatin Technlgy Services Management
More informationInformation paper Reference Data Management Service
This infrmatin paper describes the EU Reference Data Management Service. This Service prvides a central database, web service web applicatin fr maintaining RIS reference data, which is used by varius RIS-systems
More informationLeadStreet Broker Guide
RE/MAX f Western Canada LeadStreet Brker Guide Ver. 2.0 Revisin Histry Name Date Versin Descriptin Tamika Anglin 09/04/13 1.0 Initial Creatin Tamika Anglin 11/05/13 2.0 Inclusin f instructins n reprting
More informationStarterPak: Dynamics CRM Opportunity To NetSuite Sales Order
StarterPak: Dynamics CRM Opprtunity T NetSuite Sales Order Versin 1.0 7/20/2015 Imprtant Ntice N part f this publicatin may be reprduced, stred in a retrieval system, r transmitted in any frm r by any
More informationWHITEPAPER Reference Architectures for Portal-based Rich Internet Applications
Authr: Sven Rieger Created n: 2015-04-10 Versin: 1.0 Rich Internet (RIAs) are HTML5-based applicatins with a desktp-like lk&feel which run inside a web brwser. The Micrsft Office applicatins Wrd, Excel,
More informationAn Oracle White Paper January 2013. Comprehensive Data Quality with Oracle Data Integrator and Oracle Enterprise Data Quality
An Oracle White Paper January 2013 Cmprehensive Data Quality with Oracle Data Integratr and Oracle Enterprise Data Quality Executive Overview Pr data quality impacts almst every cmpany. In fact, accrding
More informationResearch Report. Abstract: The Emerging Intersection Between Big Data and Security Analytics. November 2012
Research Reprt Abstract: The Emerging Intersectin Between Big Data and Security Analytics By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm Nvember 2012 2012 by The Enterprise Strategy Grup, Inc.
More informationSoftware and Hardware Change Management Policy for CDes Computer Labs
Sftware and Hardware Change Management Plicy fr CDes Cmputer Labs Overview The cmputer labs in the Cllege f Design are clsely integrated with the academic needs f faculty and students. Cmputer lab resurces
More informationBusiness Intelligence represents a fundamental shift in the purpose, objective and use of information
Overview f BI and rle f DW in BI Business Intelligence & Why is it ppular? Business Intelligence Steps Business Intelligence Cycle Example Scenaris State f Business Intelligence Business Intelligence Tls
More informationUNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES
UNIVERSITY OF CALIFORNIA MERCED PERFORMANCE MANAGEMENT GUIDELINES REFERENCES AND RELATED POLICIES A. UC PPSM 2 -Definitin f Terms B. UC PPSM 12 -Nndiscriminatin in Emplyment C. UC PPSM 14 -Affirmative
More informationSBClient and Microsoft Windows Terminal Server (Including Citrix Server)
SBClient and Micrsft Windws Terminal Server (Including Citrix Server) Cntents 1. Intrductin 2. SBClient Cmpatibility Infrmatin 3. SBClient Terminal Server Installatin Instructins 4. Reslving Perfrmance
More informationResearch Report. Abstract: Advanced Malware Detection and Protection Trends. September 2013
Research Reprt Abstract: Advanced Malware Detectin and Prtectin Trends By Jn Oltsik, Senir Principal Analyst With Jennifer Gahm, Senir Prject Manager September 2013 2013 by The Enterprise Strategy Grup,
More informationHP Point of Sale FAQ Warranty, Care Pack Service & Support. Limited warranty... 2 HP Care Pack Services... 3 Support... 3
HP Pint f Sale FAQ Warranty, Care Pack Service & Supprt Limited warranty... 2 HP Care Pack Services... 3 Supprt... 3 Limited warranty Q: What des a 3/3/3 limited warranty mean? A: HP Retail Pint f Sale
More informationBest Practice - Pentaho BA for High Availability
Best Practice - Pentah BA fr High Availability This page intentinally left blank. Cntents Overview... 1 Pentah Server High Availability Intrductin... 2 Prerequisites... 3 Pint Each Server t Same Database
More informationImportance and Contribution of Software Engineering to the Education of Informatics Professionals
Imprtance and Cntributin f Sftware Engineering t the Educatin f Infrmatics Prfessinals Dr. Tick, József Budapest Plytechnic, Hungary, tick@bmf.hu Abstract: As a result f the Blgna prcess a new frm f higher
More informationReadme File. Purpose. What is Translation Manager 9.3.1? Hyperion Translation Manager Release 9.3.1 Readme
Hyperin Translatin Manager Release 9.3.1 Readme Readme File This file cntains the fllwing sectins: Purpse... 1 What is Translatin Manager 9.3.1?... 1 Cmpatible Sftware... 2 Supprted Internatinal Operating
More informationInstallation Guide Marshal Reporting Console
INSTALLATION GUIDE Marshal Reprting Cnsle Installatin Guide Marshal Reprting Cnsle March, 2009 Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 3 Sftware Prerequisites 3 Installatin
More informationBackups and Backup Strategies
IT Security Office Versin 2.3 02/19/10 Backups and Backup Strategies IT managers need t plan fr backups in terms f time and space required. Hwever, mst mdern backup sftware can cmpress the backup files
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationArchitecting HP Server Solutions
HP ExpertOne exam preparatin guide Architecting HP Server Slutins Exam descriptin This certificatin attests that yu can: gather and analyze business and technical requirements and then plan and design
More informationHP ExpertOne. HP2-T21: Administering HP Server Solutions. Table of Contents
HP ExpertOne HP2-T21: Administering HP Server Slutins Industry Standard Servers Exam preparatin guide Table f Cntents Overview 2 Why take the exam? 2 HP ATP Server Administratr V8 certificatin 2 Wh shuld
More informationConnector for Microsoft Dynamics Installation Guide
Micrsft Dynamics Cnnectr fr Micrsft Dynamics Installatin Guide June 2014 Find updates t this dcumentatin at the fllwing lcatin: http://g.micrsft.cm/fwlink/?linkid=235139 Micrsft Dynamics is a line f integrated,
More informationA96 CALA Policy on the use of Computers in Accredited Laboratories Revision 1.5 August 4, 2015
A96 CALA Plicy n the use f Cmputers in Accredited Labratries Revisin 1.5 August 4, 2015 A96 CALA Plicy n the use f Cmputers in Accredited Labratries TABLE OF CONTENTS TABLE OF CONTENTS... 1 CALA POLICY
More informationData Abstraction Best Practices with Cisco Data Virtualization
White Paper Data Abstractin Best Practices with Cisc Data Virtualizatin Executive Summary Enterprises are seeking ways t imprve their verall prfitability, cut csts, and reduce risk by prviding better access
More informationefusion Table of Contents
efusin Cst Centers, Partner Funding, VAT/GST and ERP Link Table f Cntents Cst Centers... 2 Admin Setup... 2 Cst Center Step in Create Prgram... 2 Allcatin Types... 3 Assciate Payments with Cst Centers...
More informationMITEL OPEN INTEGRATION GATEWAY (OIG): END- CUSTOMER DEVELOPMENT & LICENSING
MITEL OPEN INTEGRATION GATEWAY (OIG): END- CUSTOMER DEVELOPMENT & LICENSING JULY, 2014 The infrmatin cnveyed in this dcument is cnfidential and prprietary t Mitel and is intended slely fr Mitel emplyees
More informationDesign for securability Applying engineering principles to the design of security architectures
Design fr securability Applying engineering principles t the design f security architectures Amund Hunstad Phne number: + 46 13 37 81 18 Fax: + 46 13 37 85 50 Email: amund@fi.se Jnas Hallberg Phne number:
More informationGetting Started Guide
Getting Started Guide AnswerDash is cmmitted t helping yu achieve yur larger business gals. The utlined pre-launch cnsideratins are key t setting up yur implementatin s yu can make pwerful imprvements
More informationImplementation Management Guide
Implementatin Management Guide Table f Cntents 1 Overview... 2 2 Implementatin Scpe... 2 3 Implementatin Wrkflw... 3 4 Intrductins and scheduling f Kick-ff Meeting... 4 5 Kick-Off Meeting Objectives &
More informationZimbra Professional Services Portfolio, Purchasing Guide & Price List
In- Tuitin Netwrks Ltd Zimbra Prfessinal Services Prtfli, Purchasing Guide & Price List This dcument prvides an verview f In- Tuitin Netwrks Limited s range f Zimbra Prfessinal Services available n the
More information990 e-postcard FAQ. Is there a charge to file form 990-N (e-postcard)? No, the e-postcard system is completely free.
990 e-pstcard FAQ Fr frequently asked questins abut filing the e-pstcard that are nt listed belw, brwse the FAQ at http://epstcard.frm990.rg/frmtsfaq.asp# (cpy and paste this link t yur brwser). General
More informationOrganisational self-migration guide an overview V1-5 April 2014
Organisatinal self-migratin guide an verview V1-5 April 2014 Cpyright 2013, Health and Scial Care Infrmatin Centre. 1 Self Migratin t NHSmail an verview fr rganisatins Cntents Intrductin 3 1. Initial preparatins
More informationCS 360 Software Development Spring 2008 Tuesdays and Thursdays 3:30 p.m. 4:45 p.m.
CS 360 Sftware Develpment Spring 2008 Tuesdays and Thursdays 3:30 p.m. 4:45 p.m. Instructr: Ingrid Russell Office: Dana 343 email: irussell@hartfrd.edu http://uhaweb.hartfrd.edu/irussell Curse Descriptin:
More informationNAVIPLAN PREMIUM LEARNING GUIDE. Existing insurance coverage
NAVIPLAN PREMIUM LEARNING GUIDE Existing insurance cverage Cntents Existing insurance cverage 1 Learning bjectives 1 NaviPlan planning stages 1 Client case 2 Enter yur clients existing life, disability,
More informationWinFlex Web Single Sign-On (EbixLife XML Format) Version: 1.5
WinFlex Web Single Sign-On (EbixLife XML Frmat) Versin: 1.5 The gal f this dcument is t specify and explre the basic peratins that are required t facilitate a vendr applicatin requesting access t the WinFlex
More informationChange Management Process
Change Management Prcess B1.10 Change Management Prcess 1. Intrductin This plicy utlines [Yur Cmpany] s apprach t managing change within the rganisatin. All changes in strategy, activities and prcesses
More informationUser Guide Version 3.9
User Guide Versin 3.9 Page 2 f 22 Summary Cntents 1 INTRODUCTION... 3 1.1 2 CREATE A NEW ACCOUNT... 4 2.1 2.2 3 NAVIGATION... 3 CREATE AN EMAIL ACCOUNT... 4 CREATE AN ALIAS ACCOUNT... 6 MODIFYING AN EXISTING
More informationProject Startup Report Presented to the IT Committee June 26, 2012
Prject Name: SOS File 2.0 Agency: Secretary f State Business Unit/Prgram Area: Secretary f State Prject Spnsr: Al Jaeger Prject Manager: Beverly Maitland Prject Startup Reprt Presented t the IT Cmmittee
More informationOnline Learning Portal best practices guide
Online Learning Prtal Best Practices Guide best practices guide This dcument prvides Micrsft Sftware Assurance Benefit Administratrs with best practices fr implementing e-learning thrugh the Micrsft Online
More informationTrends and Considerations in Currency Recycle Devices. What is a Currency Recycle Device? November 2003
Trends and Cnsideratins in Currency Recycle Devices Nvember 2003 This white paper prvides basic backgrund n currency recycle devices as cmpared t the cmbined features f a currency acceptr device and a
More informationReadme File. Purpose. Introduction to Data Integration Management. Oracle s Hyperion Data Integration Management Release 9.2.
Oracle s Hyperin Data Integratin Management Release 9.2.1 Readme Readme File This file cntains the fllwing sectins: Purpse... 1 Intrductin t Data Integratin Management... 1 Data Integratin Management Adapters...
More informationLicensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite
Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This
More informationThe Relativity Appliance Installation Guide
The Relativity Appliance Installatin Guide February 4, 2016 - Versin 9 & 9.1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More informationWhite Paper for Mobile Workforce Management and Monitoring Copyright 2014 by Patrol-IT Inc. www.patrol-it.com
White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm White Paper fr Mbile Wrkfrce Management and Mnitring Cpyright 2014 by Patrl-IT Inc. www.patrl-it.cm 2
More informationPreparing to Deploy Reflection : A Guide for System Administrators. Version 14.1
Preparing t Deply Reflectin : A Guide fr System Administratrs Versin 14.1 Table f Cntents Table f Cntents... 2 Preparing t Deply Reflectin 14.1:... 3 A Guide fr System Administratrs... 3 Overview f the
More informationFund Accounting Class II
Fund Accunting Class II BS&A Fund Accunting Class II Cntents Gvernmental Financial Reprting Mdel - Minimum GAAP Reprting Requirements... 1 MD&A (Management's Discussin and Analysis)... 1 Basic Financial
More informationInstallation Guide Marshal Reporting Console
Installatin Guide Installatin Guide Marshal Reprting Cnsle Cntents Intrductin 2 Supprted Installatin Types 2 Hardware Prerequisites 2 Sftware Prerequisites 3 Installatin Prcedures 3 Appendix: Enabling
More informationX7500 Series, X4500 Scanner Series MFPs: LDAP Address Book and Authentication Configuration and Basic Troubleshooting Tips
X7500 Series, X4500 Scanner Series MFPs: LDAP Address Bk and Authenticatin Cnfiguratin and Basic Trubleshting Tips Lexmark Internatinal 1 Prerequisite Infrm atin In rder t cnfigure a Lexmark MFP fr LDAP
More informationConsiderations for Success in Workflow Automation. Automating Workflows with KwikTag by ImageTag
Autmating Wrkflws with KwikTag by ImageTag Cnsideratins fr Success in Wrkflw Autmatin KwikTag balances cmprehensive, feature-rich Transactinal Cntent Management with affrdability, fast implementatin, ease
More informationDocument Management Versioning Strategy
1.0 Backgrund and Overview Dcument Management Versining Strategy Versining is an imprtant cmpnent f cntent creatin and management. Versin management is a key cmpnent f enterprise cntent management. The
More informationGetting Started Guide
fr SharePint www.lgbinder.cm Getting Started Guide Dcument versin 3 Cntents Installing LOGbinder fr SharePint... 3 Step 1 Select Server and Check Sftware Requirements... 3 Select Server... 3 Sftware Requirements...
More informationIntroduction to Mindjet MindManager Server
Intrductin t Mindjet MindManager Server Mindjet Crpratin Tll Free: 877-Mindjet 1160 Battery Street East San Francisc CA 94111 USA Phne: 415-229-4200 Fax: 415-229-4201 mindjet.cm 2013 Mindjet. All Rights
More informationOR 2) Implement and customize an off the shelf product that would suit the requirements
CRM Custmer Relatinship Management Request fr Prpsal (RFP) Created by : Gayathri Jaganathan Rle : Prject Manager Prpsal Date: 10/02/06 Organizatin: AIM Alliance Inspectin Management Cmpany Lcatin : 28235
More informationUsing PayPal Website Payments Pro with ProductCart
Using PayPal Website Payments Pr with PrductCart Overview... 2 Abut PayPal Website Payments Pr & Express Checkut... 3 What is Website Payments Pr?... 3 Website Payments Pr and Website Payments Standard...
More informationNew in this release. Sphere 9.4.3.2 (October 2013)
New in this release Sphere 9.4.3.2 (Octber 2013) The fllwing client-facing changes were implemented: An issue that prevented certain Friends Asking Friends spnsrship levels frm appearing as ptins n the
More informationHow to Reduce Project Lead Times Through Improved Scheduling
Hw t Reduce Prject Lead Times Thrugh Imprved Scheduling PROBABILISTIC SCHEDULING & BUFFER MANAGEMENT Cnventinal Prject Scheduling ften results in plans that cannt be executed and t many surprises. In many
More informationThis guide is intended for administrators, who want to install, configure, and manage SAP Lumira, server for BI Platform
Hw T install SAP Lumira, server n SAP BusinessObjects BI platfrm Distributed Install Applies t: SAP Lumira, server versin fr the SAP BusinessObjects BI platfrm Summary This guide is intended fr administratrs,
More informationTen Steps for an Easy Install of the eg Enterprise Suite
Ten Steps fr an Easy Install f the eg Enterprise Suite (Acquire, Evaluate, and be mre Efficient!) Step 1: Dwnlad the eg Sftware; verify hardware and perating system pre-requisites Step 2: Obtain a valid
More informationDiagnostic Manager Change Log
Diagnstic Manager Change Lg Updated: September 8, 2015 4.4.4090 Features and Issues Supprt fr Office 365 Tenants Yu can nw: Mnitr the status f Office 365 Services (including SharePint Online, Exchange
More informationCredit Report Reissue Recommendation TABLE OF CONTENTS
T: Credit Reprting Wrkgrup Frm: Mike Bixby (305) 829-5549 MBixby@LandAm.cm Paul Wills (770) 740-7353 Paul.Wills@Equifax.cm Date: February 13, 2007 Re: Credit Reprt Reissue Recmmendatin The MISMO Credit
More informationElectronic Data Interchange (EDI) Requirements
Electrnic Data Interchange (EDI) Requirements 1.0 Overview 1.1 EDI Definitin 1.2 General Infrmatin 1.3 Third Party Prviders 1.4 EDI Purchase Order (850) 1.5 EDI PO Change Request (860) 1.6 Advance Shipment
More informationGUJARAT TECHNOLOGICAL UNIVERSITY
GUJARAT TECHNOLOGICAL UNIVERSITY COMPUTER ENGINEERING (07) AND INFORMATION TECHNOLOGY (16) SOFTWARE ENGINEERING SUBJECT CODE: 2160701 B.E. 6 th SEMESTER Type f curse: NA Prerequisite: Object Oriented Prgramming
More informationKronoDesk Migration and Integration Guide Inflectra Corporation
/ KrnDesk Migratin and Integratin Guide Inflectra Crpratin Date: September 24th, 2015 0B Intrductin... 1 1B1. Imprting frm Micrsft Excel... 2 6B1.1. Installing the Micrsft Excel Add-In... 2 7B1.1. Cnnecting
More informationexpertise hp services valupack consulting description security review service for Linux
expertise hp services valupack cnsulting descriptin security review service fr Linux Cpyright services prvided, infrmatin is prtected under cpyright by Hewlett-Packard Cmpany Unpublished Wrk -- ALL RIGHTS
More informationConfiguring, Monitoring and Deploying a Private Cloud with System Center 2012 Boot Camp
Cnfiguring, Mnitring and Deplying a Private Clud with System Center 2012 Bt Camp Length: 5 Days Technlgy: Micrsft System Center 2012 Delivery Methd: Instructr-led Hands-n Audience Prfile This curse is
More information