start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Close
Select Page

HCLSoftware has been on a mission to relentlessly innovate HCL AppScan Portfolio and align it to the changing needs of the market. Continuing with that approach, we have transitioned the scanning solution for “mobile applications” to a new approach which is a combination of testing technologies on both the client-side applications and the backend application/service. Take a moment to read Eitan Worcel’s blog on securing all parts of your mobile application.

Application security testing must cover the complete solution to be effective. AppScan’s breadth of language support (including mobile) in SAST and our new support for IAST security testing provides better coverage for the entire solution whether the client is running their application on a browser, desktop, or mobile OS. In the past, the adoption of frameworks that abstracted the device-specific capabilities limited the ability for our apk and ipa scanning (mobile analyzer) to provide broad coverage for our customers

AppScan Support LanguagesFor these reasons, in 2020, AppScan invested in broad mobile language coverage in our static scanning and transitioned our mobile client scanning capability to use SAST in the AppScan on Cloud service in November 2020. This also meant that all *new* subscriptions since that date no longer offered the scanning of apk or ipa files. For subscriptions that commenced prior to November 2020, organizations were permitted to continue to leverage the apk and ipa scanning. Coming in October 2021, AppScan’s mobile scanning capability will transition to this new SAST approach for *all* users. Organizations that currently have access to the mobile analyzer technology may continue to scan apk and ipa files until 30th September 2021.

AppScan on Cloud subscriptions entitles organizations to SAST and DAST. Both technologies allow you to implement application security testing at different points in your development lifecycle or pipeline.  AppScan on Cloud also has a broad set of integrations with the popular IDEs and CI/CD tools.  SAST scanning makes it easy to add the scanning of your mobile application code early in the pipeline. 

Using SAST to scan your mobile client leverages the same tools you may already use for SAST with your web or desktop applications. If you are not familiar with using SAST, here are some videos on how to perform SAST scanning on AppScan on Cloud. 

 

To learn more, see the videos below or check out our YouTube Channel This is AppScan:

Creating a SAST scan via AppScan Go! for a mobile client project.

Video image Video Play Button
 

Creating a SAST scan using AppScan Go! config with Jenkins.

Video image Video Play Button
 
Comment wrap

Start a Conversation with Us

We’re here to help you find the right solutions and support you in achieving your business goals.

  |  January 15, 2025
The Cyber Threat Landscape in 2025: What to Expect and How to Prepare
Explore the evolving cyber threat landscape of 2025. Learn about AI-driven attacks, ransomware trends, and strategies to protect against deepfake fraud and supply chain risks.
  |  December 23, 2024
Transforming Application Security Testing with Developer-Centric DAST
Empower developers to find and fix vulnerabilities early with developer-centric DAST. Learn how this approach can improve your application security testing.
  |  November 27, 2024
The Hidden Cost of Security Fixes for Software Developers
Developers spend up to 19% of their time on security tasks, costing companies $28K per developer annually. Learn how to reduce this burden and improve your application security posture with HCL AppScan.