HCL AppScan

Home All Solutions & Products IT Security Solutions HCL AppScan
This diagram depicts the AppScan Enterprise ecosystem, including integrations.

Rapidly identify, understand and remediate security vulnerabilities

HCL AppScan (formerly IBM Security AppScan) is a security vulnerability testing tool for web applications and web services. It features the most advanced testing methods to help protect your site from the threat of cyberattack, together with a full range of application data output options.

 

AppScan Standard employs three distinct testing techniques that complement and enhance each other:

  • Dynamic Analysis “black-box scanning”: this is the primary method. It tests and evaluates application responses during runtime.
  • Static Analysis “white-box scanning”: this is a unique technology that analyzes JavaScript code in the context of the full web page.
  • Interactive Analysis “glass box scanning”: this dynamic test engine can interact with a dedicated glass box agent that resides on the web server itself, enabling AppScan to identify more issues with greater accuracy than it could by conventional dynamic testing alone.

 

AppScan Standard helps you decrease the risk of web application attacks and data breaches both before site deployment and during ongoing risk assessment in production. AppScan’s advanced capabilities include:

  • General and regulatory compliance reporting, with over 40 different templates available out of the box.
  • Customization and extensibility through the AppScan eXtension Framework, or by direct integration into existing systems using the AppScan SDK.
  • Link categorization capabilities that go beyond application security to identify risks posed to users from links to malicious or other unwanted sites.

 

HCL AppScan Source (former IBM® Security AppScan Source) delivers maximum value to every user in your organization who plays a role in software security. Whether you’re a security analyst analyst, quality assurance professional, developer, or executive, the AppScan Source products deliver the functionality, flexibility, and power you need – right to your desktop.

 

HCL AppScan Enterprise (formerly IBM® Security AppScan Enterprise) introduces a new set of capabilities that provide security teams with the application security intelligence needed to make informed, risk-based decisions. This includes the capability to build a consolidated inventory of all application assets. Assets can be described in terms of a list of attributes meaningful to the organization. Security specialists can query the portfolio to identify types of applications that match certain characteristics. They can also create rules that automatically classify an application asset based on the asset’s description.

 

Contact us for more information, with any questions, or to set up a meeting.