IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.
Static and dynamic application security testing throughout the application lifecycle
IBM Security AppScan is a web application and web services penetration testing solution for the security specialist.
Get a quick start by using a built-in Scan Configuration Wizard.
Obtain a thorough security assessment of your web applications and web services.
Learn about vulnerabilities and how to resolve them with comprehensive advisories and fix recommendations.
Communicate vulnerabilities to development teams using detailed PDF reports.
Determine areas of non-compliance to industry regulations.
Automated Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) of modern web applications and services.
SOAP and REST web services testing, covering XML and JSON infrastructure. Support for WS-Security standards, XML encryption, and XML signatures.
Detailed vulnerability advisories and fix recommendations.
Over 40 regulatory compliance reports, including Payment Card Industry Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), ISO 27001 and ISO 27002, and Basel II.
Customization and extensibility with the IBM Security AppScan extensions Framework.