July 1, 2019 marks a new beginning for AppScan. As part of a business deal valued at $1.8B, IBM divested a number of business lines to HCL, an India-based technology vendor. Among the divested businesses was AppScan, an application security testing suite for web applications, APIs and mobile apps.

AppScan was initially developed by Israeli software company Sanctum and first released in the early 2000s. Sanctum was a cybersecurity pioneer credited with several security innovations, including the first web application firewall (WAF) and the first automated web application security testing tool, which went on to become AppScan.

In 2004, Sanctum was acquired by US-based Watchfire and became its flagship product and main R&D site.

In 2007, Watchfire was acquired by IBM and its products incorporated into the Rational Software product line.

Now, after over 10 years as part IBM Application Security, AppScan is reclaiming its brand and place in the market, and setting a new course for growth under HCL.

AppScan pioneered many foundational security testing (AST) technologies, most notably dynamic application security testing or DAST. Its technology innovations have been acknowledged through hundreds of patents and its research team credited with the discovery of countless CVEs (Common Vulnerabilities & Exposures).

Among its ‘alumni’ are some of the most respected security researchers and entrepreneurs in the cybersecurity industry, including Gili Raanan, who founded Sanctum and now runs Cyberstarts, a cybersecurity investment fund; Eran Reshef, who went on to found Skybox Security and other companies in the security space; Amit Klein, who’s security expertise helped propel security companies like Cyota (sold to RSA), Trusteer (sold to IBM) and most recently SafeBreach; Ori Segal, who co-founded and recently sold serverless security company PureSec to Palo Alto Networks; Adi Sharabani and Yair Amit, who founded and sold mobile security company Skycure to Symantec; Guy Podjarny, who co-founded Snyk; and many more top-notch application security pioneers.

Today, application security testing is more important than ever. Shortening release cycles, the move to continuous delivery, and deployment on modern infrastructure (i.e. containers, Kubernetes, PaaS, and FaaS, etc.) all mean software publishers no longer have one monolithic blob of code that you can periodically test for security vulnerabilities; and applications no longer run on a handful of servers that sit behind a WAF or API gateway. Modern applications are continuously changing and their components are dynamically instantiated and taken down on compute resources that are often controlled by third parties. As a result, it is becoming increasingly difficult to protect applications using external security tools — applications need to be able to protect themselves.

Publishing robust, vulnerability-free software is more important than ever, and AppScan is positioned better than ever to help its customers do exactly that. Visit us on www.appscan.com to learn more.

The writer is the Head of Marketing for HCL AppScan.

Comment wrap
Further Reading
Secure DevOps  /  August 5, 2020
ESG Report Validates How HCL AppScan Helps Developers to Continuously Secure Applications
By: Eitan Worcel, Product Lead, AppScan
This blog summarizes recent findings from ESG's Technical Validation of HCL AppScan, and provides links to ESG's comprehensive report & our YouTube video.
Secure DevOps  /  July 27, 2020
A Closer Look at HCL AppScan Activity Recorder’s Features and Usage
By: Vinita Sanghi, Engineering Manager at HCL AppScan
HCL AppScan Activity Recorder is a Chrome browser extension, which permits you to record traffic & actions from your site & upload recordings to DAST.
Secure DevOps  /  July 13, 2020
How to Maximize the Effectiveness of Your Dynamic Testing Policies
By: Shahar Sperling, Chief Architect at HCL AppScan
In this blog, you'll learn more about Dynamic Application Security Testing (DAST) policies & find out how to maximize your team's dynamic analysis efforts.
a/icon/common/search Created with Sketch.