HCL AppScan 10.7.0: AI-Driven Security & API Scanning Upgrades

The latest release of HCL AppScan 10.7.0 introduces a range of powerful features designed to elevate your security efforts and simplify compliance. From leveraging AI to enhancing vulnerability detection to offering a sleek, modernized user experience, this version is all about helping developers, DevOps, and security teams work smarter. With updates included in HCL AppScan Standard, HCL AppScan Enterprise, and HCL AppScan Source, we’re making application security more automated, insightful, and efficient. 

Below is an overview of some of the key features and capabilities you can expect with HCL AppScan 10.7.0.

Smarter Automation & Enhanced API Scanning

One of the most exciting updates in HCL AppScan 10.7.0 is the deeper integration of AI-powered automation. By leveraging Azure OpenAI, we’ve significantly improved how vulnerabilities are detected. This includes the introduction of a new mechanism designed to reduce false positives (FPs) when identifying error pages. To learn more, visit our related blog.

Modernized Reporting User Interface (UI) and New Compliance Reports:

HCL AppScan Standard 10.7.0 introduces an updated UI to offer a more intuitive and user-friendly experience allowing for a smoother navigation and making it easier to access key data without the extra hassle. This release also includes a DORA (Digital Operational Resilience Act) compliance report, which provides the tools you need to meet important regulations ensuring that financial institutions and your ICT providers are equipped to effectively manage and mitigate risk.  

API Scanning: Simplicity Meets Comprehensive Coverage

The API scan-work flows in HCL AppScan 10.7.0 simplifies API scan configuration and offers improved functionality like automatic login for backend API scans. This provides you with increased confidence in your API security, as HCL AppScan handles the heavy lifting, allowing your team to focus on building secure, robust applications.

Upgrade to Java 

This HCL AppScan Enterprise upgrade delivers better performance, compatibility, and security, making it easier for you to integrate and operate HCL AppScan Enterprise with your modern environments. Here’s how it benefits you:

• Enhanced Security with stronger encryption and ongoing security updates.
• Improved Performance with faster and more efficient scans, reduces waiting times, and better overall system performance.
• Future-Proofing with the latest tools and technologies supported in Java 17.

Scan Trend Graph

Another exciting feature in HCL AppScan Enterprise is the brand-new Scan Trend Graph. This tool offers a visual breakdown of your scans run for your applications over time, giving you a clearer view of your security scans with its connected insights  

Better Triage and Reporting with Expanded CWEs

The latest release of HCL AppScan Source, version 10.7.0, delivers improved triage and reporting capabilities, bringing the product in line with HCL AppScan on Cloud. This includes expanded support for multiple Common Weakness Enumerations (CWEs), enabling deeper insights into potential vulnerabilities. 

In addition to CWE coverage, HCL AppScan Source now supports ESQL as a newly added language and can now analyze PowerShell .ps1 files as part of our infrastructure as code capabilities. These enhancements, alongside improved secret scanning, significantly strengthen detection across development landscapes.

The update also brings refined rules for several languages and frameworks, including Angular, ASP, CSS, Dart, Java, JavaScript, JQuery, Objective-C, PHP, Python, TerraForm, TypeScript, VueJS, and the secrets scanner, ensuring more robust and accurate scanning capabilities across these platforms. 

New License Roadmap for On-premise Products

HCL AppScan is updating our distribution and license management with a new platform where our customers can choose the latest licenses, reduce the risk of unauthorized usage, and ensure the most updated security compliance. In order to smoothly migrate customers to the new My HCLSoftware (MHS) platform, we will be providing a number of version updates with feature upgrades and new licensing models. The current distribution and license management platform will reach the end of support on June 30, 2025. To learn more about these changes, please visit our support page and the related links below: 

• https://www.hcl-software.com/blog/appscan/new-licensing-changes-mhs-launch-in-hcl-appscan-version-10.7.0
• https://www.hcl-software.com/blog/appscan/important-announcement-hcl-appscan-plans-licensing-changes-to-take-effect-june-2025

For a full list of updates in Version 10.7.0, visit our documentation page. HCL AppScan 10.7.0 is focused on driving innovation and making security and compliance more manageable. Whether it’s through AI-powered automation, enhanced API scanning, or expanded platform support, we’re committed to helping organizations secure their applications faster and more efficiently than ever before.