Screenshot of Security AppScan

IBM® Security AppScan® is a leading application security testing suite designed to help manage vulnerability testing throughout the software development life cycle. IBM Security AppScan automates vulnerability assessments and scans and tests for all common Web application vulnerabilities including SQL-injection, cross-site scripting, buffer overflow, and new flash/flex application and Web 2.0 exposure scans.

AppScan’s features and benefits include the following:

1) Scanning and testing for a wide range of application security vulnerabilities 2) Ability to scan complex web applications 3) Highly-accurate, advanced testing capabilities, including dynamic and innovative hybrid analysis of glass-box testing (runtime analysis), with static taint analysis 4) Quick remediation, with prioritized results and fix recommendations 5) Enhanced insight into your organization’s compliance with governmental and industry mandates, facilitated by more than 40 compliance reports.

Web application support includes: Adobe Flash, JavaScript, Ajax and Simple Object Access Protocol (SOAP) web services.

Appscan provides full coverage of the OWASP Top 10 for 2013. Our solution also includes support for industry-standard Transport Layer Security (TLS) protocol 1.2, and is compliant with Federal Information Publication Standard (FIPS) 140-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.

This trial version is a fully functional, unlimited version of the IBM Security AppScan Standard product. The only restriction is that scanning is limited to one site, Altoro Mutual, at

Usage notes:
With the evaluation license you are enabled to scan a test website, Altoro Mutual at Use the predefined template,, which is displayed in the New Scan dialog. When prompted for username and password, use:
Username: jsmith
Password: Demo1234

To evaluate the use of AppScan Standard in your own environment, please contact IBM Sales for more information.

The download options include a component for web services scanning. When you download this trial, you are entitled to submit technical problems and questions through our limited online support program.

Product specs

Choose your preferred platform

IBM Security AppScan: Windows (HTTP or Download Director)

Contact IBM

Considering a purchase?