Screenshot of Security AppScan

IBM® Security AppScan® is a leading application security testing suite designed to help manage vulnerability testing throughout the software development life cycle. IBM Security AppScan automates vulnerability assessments and scans and tests for all common web application vulnerabilities, including SQL-injection, cross-site scripting, buffer overflow, and flash/flex application and Web 2.0 exposure scans.

AppScan’s features and benefits include the following:

1) Scanning and testing for a wide range of application security vulnerabilities 2) Ability to scan complex web applications 3) Highly-accurate, advanced testing capabilities, including dynamic and innovative hybrid analysis of glass-box testing (runtime analysis), with static taint analysis 4) Quick remediation, with prioritized results and fix recommendations 5) Enhanced insight into your organization’s compliance with governmental and industry mandates, facilitated by more than 40 compliance reports.

Web application support includes: Adobe Flash, JavaScript, Ajax and Simple Object Access Protocol (SOAP) web services.

AppScan provides full coverage of the OWASP Top 10 for 2013. And, when deployed in conjunction with Arxan Application Protection for IBM Solutions, Appscan provides full coverage of the OWASP Mobile Top 10 for 2014. Our solution also includes support for industry-standard Transport Layer Security (TLS) protocol 1.2, and is compliant with Federal Information Publication Standard (FIPS) 140-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.

This trial version is a fully functional, unlimited version of the IBM Security AppScan Standard product. The only restriction is that scanning is limited to one site, Altoro Mutual, at http://demo.testfire.net.

Usage notes:
With the evaluation license you are enabled to scan a test website, Altoro Mutual at http://demo.testfire.net. Use the predefined template, demo.testfire.net, which is displayed in the New Scan dialog. When prompted for username and password, use:
Username: jsmith
Password: Demo1234

To request an evaluation license key, which will permit you to evaluate AppScan's effectiveness in testing one of your organization's own websites, contact us.

The download options include a component for web services scanning. When you download this trial, you are entitled to submit technical problems and questions to the community of Appscan users on the AppScan Standard forum.

Product specs

Choose your preferred platform

IBM Security AppScan: Windows (HTTP or Download Director)


Contact IBM

Considering a purchase?