IBM Security AppScan

IBM Application Scanner (AppScan) was developed to assist in detecting vulnerabilities that companies with Web applications may have. Such vulnerabilities can lead to cyber-related threats and could have damaging effects to a company’s credibility. IBM AppScan prevents these vulnerabilities, to both new and existing applications, by providing mechanisms to its users to periodically test against known vulnerabilities.

There are several versions of IBM AppScan.

IBM Application Security on Cloud

IBM Application Security on Cloud helps secure your organization’s Web and mobile applications, by detecting dozens of today’s most pervasive published security vulnerabilities. IBM Application Security on Cloud helps to eliminate vulnerabilities from applications before they are placed into production and deployed. Convenient, detailed reporting permits you to effectively address application security risk, enabling application users to benefit from a more secure experience. IBM Open Source Analyzer helps to secure and manage your open source components, by automating security testing and configuring scanning for open source.

IBM AppScan Enterprise Edition

IBM® Security AppScan® Enterprise enables organizations to mitigate application security risk, strengthen application security program management initiatives and achieve regulatory compliance. Security and development teams can collaborate, establish policies and scale testing throughout the application lifecycle. Enterprise dashboards classify and prioritize application assets based on business impact and identify high-risk areas, permitting you to maximize your remediation efforts. Performance metrics are provided that help you monitor the progress of your application security programs.

IBM Security AppScan Source

IBM® Security AppScan® Source helps organizations lower costs and reduce risk exposure by identifying web-based and mobile application source code vulnerabilities early in the software development lifecycle, so they can be fixed before deployment.

IBM Security AppScan Source integrates application security testing into your software development lifecycle. It offers enhanced mobile application scanning capabilities and supports testing for mobile web, native and hybrid applications, which includes support for JavaScript, HTML5, Cordova, Java and Objective-C. IBM Security AppScan Source also provides integration with IBM MobileFirst Studio and the ability to scan Worklight applications.

IBM Security AppScan Standard

IBM® Security AppScan® Standard helps organizations decrease the likelihood of web application attacks and costly data breaches by automating application security vulnerability testing. IBM Security AppScan Standard can be used to reduce risk by permitting you to test applications prior to deployment and for ongoing risk assessment in production environments.

IBM Security AppScan Standard supports:

  • Broad coverage to scan and test for a wide range of application security vulnerabilities.
  • Accurate scanning and advanced testing that delivers high levels of accuracy.
  • Quick remediation with prioritized results and fix recommendations.
  • Enhanced insight and compliance that helps manage compliance and provides awareness of key issues.