Start Securing Your Software Today
HCL AppScan on Cloud is now available with just the click of a button
This new digital pay-per-scan option lets you easily purchase the scans that you need online with fewer steps than ever before. Match the speed of procurement with the agility of development and pay as you go so that your spending better aligns with your required scans.
How HCL AppScan Marketplace Works
Purchase any number of scans (minimum of five per transaction) using our digital marketplace and automatically receive a one-year subscription to HCL AppScan on Cloud.
Activate your SaaS subscription and start scanning your applications with our fast, accurate DAST, SAST, and/or SCA technology. See all results in the centralized dashboards on HCL AppScan on Cloud.
Unused scans expire after one year but access to the platform, findings, and reporting continues for 60 days after the subscription ends. Extend your subscription at any time with the purchase of more scans.
Buy Scans and Start Your Subscription Today
HCL AppScan on Cloud is a comprehensive suite of application security testing solutions that help you accurately find and fix vulnerabilities in your web applications and APIs at any point in a software development life cycle.
Product: HCL AppScan on Cloud Pay-per-Scan
Price: $268.97 USD/per-scan/one year*
*Minimum order: five scans
Subscription Benefits
- DAST Scans: Dynamic Analysis to find vulnerabilities in web applications and APIs
- SAST Scans: Static Analysis to find vulnerabilities in application source code
- SCA Scans: Software Composition Analysis to find vulnerable open-source libraries
DAST Scans
Dynamic Application Security Testing (DAST) reduces the threat of an expensive data breach or malicious hack with industry-leading dynamic analysis. Use DAST to crawl through and identify security vulnerabilities in your running web applications and APIs to detect potential vulnerabilities prior to deployment or in your staging environments.
Vulnerable Third-Party Component Detection
Hackers target well-known vulnerabilities in popular libraries that you may have incorporated into your application. DAST together with vulnerable third-party component detection provides you with much more comprehensive vulnerability coverage, allowing you to identify (fingerprint) third-party libraries with known vulnerabilities and see those findings alongside all your DAST results.
Test Optimization
Fine-tune the time testing takes at distinct phases of the SDLC (software development life cycle) with our Test Optimization Slider which offers four optimization levels to control the trade-off between issue coverage and scan speed. Choose to go 10x faster with 70% accuracy, or only 2x faster with 97% accuracy. Your choice!
Incremental Scanning
Save time and resources by leveraging our unique incremental scanning capability which recognizes which portions of the source code are new or which portions had issues found in earlier scans, and limits testing to those areas only.
Web API Scanning
Quickly broaden your vulnerability coverage with automatic scanning of all Web APIs. This can be done using Postman collection files, Open API descriptions, recorded traffic, or by harnessing HCL AppScan's seamless integration with leading API testing tools.
Tackle the Most Complex Applications
Record and test complex multi-step sequences with AI/machine learning that predicts which links lead to new areas in applications.
SAST Scans
Static Application Security Testing (SAST) lets you write more secure application code during the early stages of the SDLC by testing the code as you write and release with industry-leading static analysis. Our SAST technology allows developers to accurately identify critical application vulnerabilities in source code and build automated security into development with easy integration into IDEs and CI/CD pipelines.
Unparalleled Scan Accuracy
Dramatically improve scan accuracy with IFA 2.0 (Intelligent Finding Analytics) which uses AI in the background to reduce your workload. IFA 2.0 does much of the triage work for you by automatically filtering out 98% of false positives and then grouping the remaining findings into fix groups so they can be remedied by a fix in one code point.
Wider Scan Coverage
HCL AppScan SAST leverages powerful AI/machine learning with Intelligent Code Analytics (ICA) to widen scan coverage. ICA automatically discovers new APIs, reviews all third-party APIs and frameworks, and assesses them for the right security impact.
Broadest Language Coverage
The cutting-edge SAST software from HCL AppScan provides unparalleled support for more than 30 programming languages. This ensures that developers across diverse technology landscapes can effortlessly access seamless SAST scanning solutions. Whether you're working with legacy code or the latest frameworks, the HCL AppScan SAST tool is designed to empower and streamline your secure coding practice, making it a top choice for developers worldwide.
Improved Software Supply Chain Security with Secrets Scanning
Use our SAST technology to identify secrets, credentials, social security numbers, API Keys, etc., that developers and software engineers have accidentally stored in source code repositories during development. Finding and removing secrets from code is a critical aspect of software supply chain security since this information, if found by malicious actors, can be stolen or used to further hack into applications.
Integrations and Plugins
Integration is key to a fluid and efficient development cycle, and the HCL SAST tools are engineered to connect effortlessly with leading Continuous Integration/Continuous Deployment (CI/CD) platforms, Integrated Development Environments (IDE), Defect Tracking Systems (DTS), and other essential DevOps tools. This includes industry giants such as Visual Studio, GitHub, GitLab, Jenkins, ServiceNow, Azure DevOps, Jira, and more. This seamless integration ensures a cohesive workflow, enabling rapid development without compromising on security, making the HCL SAST solution an indispensable asset for modern development teams.
SCA Scans
Software Composition Analysis (SCA) analyzes information from multiple sources to identify open-source libraries and components that are being used by your code. HCL AppScan SCA seamlessly integrates into various stages of an application's life cycle and employs a constantly refreshed database to detect vulnerabilities introduced by these components.
Cloud Security with Container Scanning
HCL AppScan has developed an innovative container scanning solution that uses our SCA (Software Composition Analysis) technology to scan all contents of a Docker container (or container image) without having to run the container.
Software Supply Chain Security
Improving software supply chain security is critical to protecting your business. HCL AppScan SCA detects open-source packages, versions, licenses, and vulnerabilities, and provides an inventory of all this data for comprehensive reporting.
Source Code Scanning
HCL AppScan has built a proprietary database of open-source and third-party packages that our SCA tool uses for improved source code scanning. SCA locates and analyzes the packages in your software and compares them to the database with information from multiple sources including file hashes, binaries, and more.
SCA Throughout the SDLC
HCL AppScan SCA can be integrated at numerous points in your application's development life cycle. Your developers can evaluate the open-source packages incorporated in their projects directly from the IDE (Integrated Development Environment).