Rapidly identify, understand and remediate security vulnerabilities
HCL AppScan (former IBM Security AppScan) is a security vulnerability testing tool for web applications and web services. It features the most advanced testing methods to help protect your site from the threat of cyber-attack, together with a full range of application data output options.
AppScan Standard employs three distinct testing techniques that complement and enhance each other:
- Dynamic Analysis “black-box scanning”: this is the primary method, testing and evaluating application responses during run-time.
- Static Analysis “white-box scanning”: this is a unique technology that analyzes JavaScript code in the context of the full web page.
- Interactive Analysis “glass box scanning”: the dynamic test engine can interact with a dedicated glass-box agent which resides on the web-server itself, enabling AppScan to identify more issues, and with greater accuracy, than by conventional dynamic testing alone
AppScan Standard helps you decrease the risk of web application attacks and data breaches both before site deployment and for ongoing risk assessment in production. AppScan’s advanced capabilities include:
HCL AppScan Source (former IBM® Security AppScan Source) delivers maximum value to every user in your organization who plays a role in software security. Whether a security analyst, quality assurance professional, developer, or executive, the AppScan Source products deliver the functionality, flexibility, and power you need – right to your desktop.
HCL AppScan Enterprise (former IBM® Security AppScan Enterprise) introduces a new set of capabilities that provide security teams with the application security intelligence needed to make informative risk-based decisions. This includes the capability to build a consolidated inventory of all application assets. Assets can be described in terms of a list of attributes meaningful to the organization. Security specialists can query the portfolio to identify types of applications that match certain characteristics. They can also create rules that automatically classify an application asset based on the asset’s description.
Contact us for more information, questions, meeting.