start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
  • Contact us
    • start portlet menu bar end portlet menu bar
    Close
    Select Page
      | December 5, 2023

    Achieve Enhanced DAST Scan Coverage and Accuracy with IAST

    Ayan Som
    Ayan Som
    Senior Product Manager, HCL AppScan
    Achieve Enhanced DAST Scan Coverage and Accuracy with IAST

    In today's fast-paced digital landscape, the role of robust web application security testing is more critical than ever. HCL AppScan DAST (Dynamic Application Security Testing) is widely recognized as a leading tool for identifying vulnerabilities within web applications.

    Most modern applications are exposed to various forms of vulnerabilities that, if unfixed, can represent significant security risks. Once engineering teams are aware of these issues, they often must spend a lot of time in getting to their root cause and fixing them. Additionally, DAST users across the industry are challenged by longer scan times as the tools search for vulnerabilities.

    Enhanced DAST scanning with IAST Total (Interactive Application Security testing) is a new feature that significantly helps with these challenges, improves scan and remediations times, and finds even more vulnerabilities. This new offering can be found in both HCL AppScan version 10.4.0 and in HCL AppScan on Cloud.

    Any team with AppScan IAST and DAST subscriptions can choose to leverage this key capability, along with native IAST/DAST capabilities.

    How IAST Total enhances AppScan DAST capabilities

    1. Faster Scan Times
    2. Faster Remediation
    3. Find More Vulnerabilities

    Faster Scan Times

    HCL AppScan offers a variety of ways to automatically configure different aspects of a DAST scan.

    IAST Total now offers more comprehensive capabilities for identifying the OS, Framework, Platform, Servers etc., which improves the automatic configuration further & reduces the scan scope by eliminating tests that are not necessary. This results in more accurate and faster scans.

    HCL AppScan research found the scan execution is 20% faster when HCL AppScan DAST is powered with IAST Total.

    Faster Triaging & Remediation

    HCL AppScan DAST can also leverage IAST Total to provide a call stack for detected vulnerabilities. This capability was previously only available in IAST or SAST (Static Application Security Testing) results.

    This information enables deeper insights into the application components, parameters, endpoints, etc., and detects the exact vulnerability location which helps in faster triaging and remediation.

    Find More Vulnerabilities

    AppScan IAST Total runs within your runtime environment and is enabled with deeper knowledge on the scan components. It provides a greater insight into the application backend as well as the components used, all of which results in deeper scan coverage and more accurate results.

    Future Sneak Peak

    HCL AppScan is always working to improve our industry-leading products. Future capabilities of IAST Total will increase the scan coverage and accuracy even further. Amongst the features planned in coming releases is the automatic detection of path parameters and hidden parameters. This capability will eliminate unnecessary tests and at the same time feed the DAST engine with more relevant parameters to test.

    Get more information on the entire HCL AppScan suite of application security testing solutions and sign up for a free trial today.

    Comment wrap
    Ayan Som
    Ayan Som
    Senior Product Manager, HCL AppScan
    Ayan Som is a Senior Product Manager in HCL AppScan Enterprise. Ayan comes with 14 Years of Industry experience in building products across Security, Healthcare, Mortgage & CX domains in Cloud & Applied ML Space. Outside work, Ayan love exploring Nature & spending time with my family.
    Read more

    Topics in this article:

    HCL AppScanDynamic application security testingApplication security testingEnterprise security

    Start a Conversation with Us

    We’re here to help you find the right solutions and support you in achieving your business goals.

    Connect with us

    Submit a Comment

    Your email address will not be published. Required fields are marked *

    * HCL provides software and services to the U.S. Federal Government through its partner Four, Inc. Please contact Four, Inc. at the U.S. Federal Government contact page.


    appscan
      |  March 31, 2025
    DeepSeek’s AI: Cutting-edge Innovation or Security Nightmare?
    DeepSeek's AI shows promise but poses security risks, from data leaks to malware generation. Learn how HCL AppScan helps safeguard against AI-driven threats.
    Uffe Sorensen
    Nabeel Jaitapker
    Product Marketing Lead, HCLSoftware
    appscan
      |  February 28, 2025
    Introducing Custom Scripts: A New Level of Flexibility in HCL AppScan DAST
    Enhance security testing with Custom Scripts in HCL AppScan DAST. Gain flexibility, improve accuracy, and tailor scans to your application's unique needs.
    Uffe Sorensen
    Kamal Kumar Chandrashekar
    Senior Product Manager, HCL AppScan
    appscan
      |  February 28, 2025
    HCL AppScan 10.8.0: Smarter Security with Customization, Reporting and New Licensing Platform
    HCL AppScan 10.8.0 enhances security testing with automation, improved reporting, and a new licensing platform. Stay ahead of threats with smarter customization.
    Uffe Sorensen
    Ryley Robinson
    Project Marketing Manager
    start portlet menu bar end portlet menu bar