HCL AppScan

HCL AppScan
Formerly from IBM

HCL AppScan

Overview

What is HCL AppScan?

AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.
Read more

Recent Reviews

Read all reviews

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of HCL AppScan, and make your voice heard!

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is HCL AppScan?

AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

14 people want pricing too

Alternatives Pricing

What is SonarQube?

SonarQube (formerly Sonar) is an open source application security solution.

What is Detectify?

Detectify headquartered in Denmark uses ethical hacker shared knowledge to provide a vulnerability management solution for protecting web assets.

Return to navigation

Product Details

What is HCL AppScan?

AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.

HCL AppScan Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

 (21)

Reviews

(1-5 of 5)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
  • Test the application
  • Explore the application for vulnerabilities
  • Runs automatic scans
  • It can have a FAQ session in the Application itself.
  • It can recommend the fix for the error that occurred during the scan.
  • Like its storing multiple manuals explore, It should have the capability of storing multiple logins.
Brandon R Hudson | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
  • Programming function.
  • Vulnerability diagnostic report.
  • I think it is convenient to be able to diagnose vulnerabilities regularly with the scheduling function.
  • The functions you want, the points that are difficult to understand.
  • Issues presented in the vulnerability diagnostic report may not be fully explained and not well understood.
  • You may think it is very basic and natural, "diagnose screen after login" "diagnose according to input transition ⇒ confirmation ⇒ completion" but to do all this, you need regular expressions, and macros, there are many products that require you to write scripts.
November 07, 2021

HCL AppScan insights

Score 7 out of 10
Vetted Review
Verified User
  • learns behavior of each application to test application-specific vulnerabilities
  • Provides mobile application scan with predefined templates
  • simplify the upfront planning for configuration
  • improves the resource management to prevent from crashes and timeout
Score 8 out of 10
Vetted Review
Verified User
  • AppScan works well in finding application vulnerabilities such as SQL injection, cross-site scripting and all of the OWASP top 10.
  • Flexible reporting allows us to generate executive reports for application owners as well as separate technical reports for developers and system engineers.
  • Technical reports include remediation information and cross reference CVSS scores
  • Because it maintains data on all repeated assessments it helps us to do trending and metrics on compliance
  • We have been asking IBM to upgrade the connectivity from scanner to database to use TLS 1.2. Currently uses TLS 1.0 which we are trying to completely deprecate from our environment.
  • We have been having some login issues with authenticated scans for applications that use federated login (Shibboleth) dur to re-directs and timeouts. For these systems we have to bypass the federation and login directly to the application.
Return to navigation