托管应用程序安全是 OpenText™ 应用程序安全平台的云端单租户部署方案。OpenText 可在您选择的 AWS 区域中配置和运行环境，提供 SAST、DAST 和可选的 SCA，并将其紧密集成到您的软件开发生命周期中。OpenText 负责基础设施、升级和备份，确保您的团队专注于 AppSec，而非服务器。

为什么选择托管应用程序安全

在由 OpenText 通过 AWS 或 OpenText 私有云托管的单租户托管云环境中部署企业级 AppSec。

启用私有 AppSec，由我们为您托管

在您选择的 AWS 区域中，获取专属 AppSec 环境，该环境完全由 OpenText 托管和运营。您可以在保持控制和隔离的同时，减轻所有基础设施和升级负担。
集成到您的 DevSecOps 管道中

为 DevSecOps 构建的托管 AppSec 环境科通过插件、运行程序和完整 API 接入 IDE、CI/CD 管道和构建系统。在每次提交或发布时运行 SAST、DAST 和可选的 SCA，并在软件安全中心管理结果和策略。
实现全面覆盖和快速修复

实现更广泛的覆盖范围、更智能的发现和更快速的修复。由机器学习驱动的审计能够消除噪音，突出重点，并在开发人员的工作流中提供即时可行的指导。
实现集中风险可视化与治理

洞察一切信息，单一仪表板，实现全面控制。跟踪风险、执行策略，并通过统一的指挥中心管理每个团队和应用程序的 AppSec。

商业影响

AppSec 现代化

启动或更新 AppSec 程序会让团队陷入硬件、设置和维护等方面的困境。通过完全托管的单租户环境，助其专注保护应用程序，而非运行服务器。
治理与合规管理

共享 SaaS 模式无法满足严格的合规需求。通过专用、隔离的云环境满足监管、驻留和内部安全要求。
测试容量

随着程序的增长，您也需要支持更多的应用程序、更大的扫描量和更快的发布周期。根据需要增加容量，并通过灵活的 SAST 和 DAST 计算选项按需提升扫描能力。
面向全球团队的统一 AppSec

当团队分散在全球各地时，您如何协同管理整个企业的安全策略？为每个开发团队提供单一且一致的方法，通过集中式策略、仪表板和工作流来测试、分类和报告风险。

获取托管应用程序安全概述

探索解决方案的组成部分

产品

利用 OpenText 解决业务挑战。

OpenText™ Core Application Security
解锁安全测试、漏洞管理以及量身定制的专业知识与支持
OpenText™ Static Application Security Testing (SAST)
以行业领先的准确性，尽早发现并修复安全问题
OpenText™ Dynamic Application Security Testing (DAST)
持续测试实时应用，发现现实世界的漏洞
OpenText™ Core Open Source Select
在单一数据库中查找和评估超过 4,000 万个开源项目
OpenText™ Application Security Aviator
借助 AI 代码分析和代码修复建议，实现更智能的安全防护，而无需高强度投入
OpenText™ Core Software Composition Analysis
全面掌控开源安全性、合规性和健康状况
OpenText™ 和 Secure Code Warrior
通过风险管理和补救措施培训加速安全编码

专业服务

OpenText Consulting Services 将端到端解决方案实施与全面的技术服务相结合，帮助改进系统。

Resources

It’s a cloud-based, single-tenant application security environment provisioned and operated by OpenText. The service includes the core components required to run static, dynamic, and optional software composition analysis within your SDLC, without your team having to manage infrastructure, upgrades, or backups.
Both options deliver a dedicated, single-tenant application security environment operated by OpenText. The AWS-hosted version runs in a commercial AWS region you select, while the OpenText Private Cloud version is delivered within an OpenText-operated private cloud environment. Both provide similar isolation, management, and support models to meet varying security and residency requirements.
The environment supports static application security testing (SAST), dynamic application security testing (DAST), and optional Software Composition Analysis (SCA). These assessments can be triggered through the web interface, CI/CD pipelines, APIs, developer tools, and automated workflows.
Users interact through Software Security Center, a web-based management interface used to configure applications, view results, and manage policies. Developer and DevSecOps teams can also use IDE plugins, CI/CD extensions, build tool integrations, and API-driven automation to run assessments and pull results directly into their workflows.
OpenText is responsible for provisioning, operating, monitoring, backing up, and upgrading the hosted environment. Maintenance windows, update schedules, and availability targets are defined in the service description, and the environment is operated according to documented service levels.
Access is established through secure internet connectivity restricted to approved IP ranges or through a site-to-site VPN, depending on your organization’s networking requirements. All traffic to the hosted environment follows approved connectivity patterns defined during onboarding.
Yes. You can adjust the mix and quantity of SAST and DAST scan machines to meet changing demand. Capacity can be increased to support additional applications, larger codebases, or more frequent scan cycles.
Yes. Software Security Center provides a unified view of application risk across all projects. It centralizes policies, roles, metrics, dashboards, and reporting to support audits, compliance, and enterprise-wide AppSec governance.

Hosted application security overview

Read the product overview

OpenText Portfolio delivery models data sheet

Read the data sheet

Gartner® Magic Quadrant™ for Application Security Testing

Read the report