HCL AppScan

Category: SAST
License: Commercial (AppScan CodeSweep is Free)

HCL AppScan is a set of application security testing tools that help protect your applications from compromise by malicious attacks.

The suite includes cloud-based, on-premise, and desktop options.

Product Components

AppScan on Cloud

Cloud-based scanning solution for teams wanting managed infrastructure.

AppScan Enterprise

The on-premise solution provides DAST scanning with a dashboard console that consolidates static scan data and IAST results.

Organizations can maintain records locally while distributing scanning across multiple servers for scalability.

AppScan Standard

Described as the flagship offering, this DAST tool emerged approximately 20 years ago.

It supports both local desktop scanning and integration with cloud or enterprise environments.

AppScan Source

The SAST component enables static code analysis on desktop systems or within CI/CD pipelines, scanning entire codebases for vulnerabilities.

AppScan CodeSweep

Offering detection capabilities equivalent to AppScan Source, this free community edition operates as a VS Code plugin with single-file scanning limitations.

Advanced Features

Intelligent Code Analytics (ICA)

This cognitive capability streamlines onboarding dramatically.

Rather than requiring manual intervention over days or weeks, the system achieves setup within minutes through automated code understanding.

Intelligent Findings Analytics (IFA)

Managing hundreds of initial SAST findings becomes feasible through intelligent grouping and filtering.

The feature traces common issues and consolidates them, reducing ticket volume and enabling focused prioritization.