HCL AppScan Features
Administration (4)
API / Integrations
Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility
Provides the ability to extend the platform to include additional features and functionalities
API / Integrations
Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility
Provides the ability to extend the platform to include additional features and functionalities
Analysis (9)
Reporting and Analytics
Tools to visualize and analyze data.
Issue Tracking
Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Static Code Analysis
Examines application source code for security flaws without executing it.
Code Analysis
Scans application source code for security flaws without executing it.
Reporting and Analytics
Tools to visualize and analyze data.
Issue Tracking
Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Static Code Analysis
Examines application source code for security flaws without executing it.
Vulnerability Scan
Scans applications and networks for known vulnerabilities, holes and exploits.
Code Analysis
Scans application source code for security flaws without executing it.
Testing (13)
Command-Line Tools
Allows users to access a terminal host system and input command sequences.
Manual Testing
Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation
Runs pre-scripted security tests without requiring manual work.
Compliance Testing
Allows users to test applications for specific compliance requirements.
Black-Box Scanning
Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate
The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives
The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Manual Testing
Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation
Runs pre-scripted security tests without requiring manual work.
Compliance Testing
Allows users to test applications for specific compliance requirements.
Black-Box Scanning
Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate
The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives
The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Functionality - Software Composition Analysis (3)
Language Support
Supports a useful and wide variety of programming languages.
Integration
Integrates seamlessly with the build environment and development tools like repositories, package managers, etc.
Transparency
Grants comprehensive user-friendly insight into all open source components.
Effectiveness - Software Composition Analysis (3)
Remediation Suggestions
Provides relevant and helpful suggestions for vulnerability remediation upon detection.
Continuous Monitoring
Monitors open source components proactively and continuously.
Thorough Detection
Comprehensively identifies all open source version updates, vulnerabilities, and compliance issues.
Agentic AI - Static Application Security Testing (SAST) (1)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
Agentic AI - Interactive Application Security Testing (IAST) (1)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
