HCL AppScan

HCL AppScan (previously known as IBM AppScan) is a family of desktop and web security testing and monitoring tools, formerly a part of the Rational Software division of IBM. In July 2019, the product was acquired by HCLTech^[1] and is currently marketed under HCLSoftware, a product development division of HCLTech.

HCL AppScan

Developer(s)	HCLSoftware, a division of HCLTech
Stable release	Version 10.0
Type	Security testing
License	Proprietary
Website	www.hcl-software.com/appscan

History

AppScan was originally developed by Israeli software company Sanctum Ltd. (formerly Perfecto Technologies) and was first released in 1998. A year later, Sanctum expanded its web security service and launched an Application firewall, called AppShield.^[2] The first version of AppShield was developed by a team led by Gili Raanan, and was running on a dedicated Linux server.

AppScan version 2.0 was released in February 2001, adding a policy recognition engine and knowledge database, an automatic and customizable crawler engine, and an attack simulator.^[3] Version 3 was released in April 2002, adding collaborative testing capabilities, where different tasks can be assigned to different testers; and a number of user interface enhancements in both the scanning and reporting sections of the program.^[4] By 2003 AppScan was used by over 500 enterprise customers and had nearly $30 Million (USD) in annual revenue.^[5]

In July 2004, Sanctum was acquired by Massachusetts based company Watchfire, which developed a web applications management platform named WebXM. AppScan became Watchfire's flagship product and Sanctum's R&D center in Herzliya, Israel, became Watchfire's main R&D location.^[5]

In June 2007, Watchfire was acquired by IBM and incorporated into the Rational Software product line, enabling IBM to cover more of the application development lifecycle with the addition of a new tool to help developers further bolster the security of the application itself.^[6] Watchfire R&D center was incorporated into IBM R&D Labs in Israel.^[7]

In 2009 IBM acquired Ounce Labs and added yet another tool to AppScan to find and correct vulnerabilities in software source code. This new version was quickly re-packaged as a separate edition of AppScan: AppScan Source Edition.^[8]

In June 2019, HCL acquired select IBM collaboration, commerce, digital experience, AppScan and BigFix solutions.^[9][10]