File Size: 538.9 MB
HCLAppScan Standard is a penetration-testing component of the HCL AppScan application security testing suite, used to test web applications and services. It features cutting edge methods and techniques to identify security vulnerabilities to help protect applications from the threat of cyber-attacks.
HCLAppScan Standard is a Dynamic Analysis tool, evaluating application security at runtime by attacking the application using techniques analogous to methodologies used by hackers. The result of the tests includes a rich set of data ranging from application inventory to detailed attack traffic which can be reproduced for validation and fix. This data can be examined and processed in the UI or exported in various formats for sharing in other tools.
Beyond the cutting-edge testing facilities AppScan includes additional capabilities to help you run your testing program as efficiently as possible. Some of these are:
General and regulatory compliance reporting, with over 40 different templates available out-of-the-box
Customization and extensibility through the AppScan eXtension Framework, or by direct integration into existing systems using the AppScan SDK
Built-in optimization mechanism to help focus the test for the most likely issues in the most likely parts of your application
AppScan Standard helps you decrease the risk of web application attacks and data breaches both before site deployment and for ongoing risk assessment in production.
Some technologies used by your site might affect AppScan's ability to scan it, while others do not affect the scan at all.
AppScan is a "Black-Box" (DAST) tool, and scans your site using the same mechanisms as a browser. Therefore, in general, server-side technologies that are transparent to a browser are also transparent to AppScan, and do not affect the scan.
Client-side technologies such as jаvascript and the HTTP protocol itself, do affect AppScan. For successful scanning, AppScan utilizes an actual browser, embedded in the product, to process webpages just like a commercially available browser. This ensures support of all common technologies. Occasionally additional configuration might be required to help AppScan understand the context of an element, for proper processing beyond simple browsing, usually specifically for the Test stage of the scan.
WebSocket login recording and login playback are supported.
official site does not provide any info about changes in this version.