HCL AppScan Primary Use Case

Director3005
Director Of Product Cyber Security at a aerospace/defense firm with 10,001+ employees
We use IBM Appscan for a dynamic assessment of development of our code, so we're looking for something that will actually help us through our entire security development lifecycle. It has performed better than we expected. We were able to use it quite often, use the server IDE to help test our code before we go into a full test. And it's helped point out some things we had to correct. We're using it on the cloud. That particular solution we've been using on the cloud because it's a cloud instance, so the transition from going from one to the other wasn't there because we already had our cloud. We were able to use it because we had nothing else there. It helped fill a need that we really had. View full review »
Managingaf0a
Managing director at Accenture
It is used for a DevOps environment, to perform a security profile, a code profile assessment. When you are building your software code, before finishing the build process and deploying to production, we run AppScan to figure out any security vulnerabilities in the code. It's called static analysis of the code. View full review »
Rodolfo San Vicente
CTO at Anzen
We develop software, and the software is property of our clients. So we want to ensure the highest quality possible, and assist the financial side. We want the application to be as secure as possible. AppScan has helped us to identify a lot of issues; we can find them before they reach a new environment. We catch them, we fix them, and we can offer a higher quality product to our clients. We test on cloud. In terms of the transition process from on-prem solutions, it was not so hard because we've been IBM partners for eight years. From the beginning, we started developing on those platforms. So it was natural migration, we were "born" with those applications on those platforms. View full review »
Find out what your peers are saying about HCL, Micro Focus, Veracode and others in Application Security. Updated: October 2019.
372,906 professionals have used our research since 2012.
TimHill
Director For Security Products at a manufacturing company with 10,001+ employees
We use it prior to product releases. The web scan portion is used to find vulnerabilities, for example, if we have opened up any ports that we should not have. The source scan is used to look for similar types of vulnerabilities. However, at the source code level, it is scanning the source code, whereas the web scan is hitting ports trying to overload it. Thus, we use both of these types of scans before every product release of several of our products. We have it installed on-premise, although we have a guy who is looking at the cloud version. View full review »
SeniorCl3552
Senior Cloud Architect at a tech company with 1,001-5,000 employees
We integrate AppSense with Fortinet FortiGate Next-Generation Firewall products. This integration is new for us, but so far, we have had good results. However, it is a new integration. Fortinet has a lot of potential and integrations going on with IBM: QRadar, AppSense, and IBM Cloud. View full review »
SeniorSe47a0
Senior Security Specialist at a transportation company with 10,001+ employees
Our use case is that we always test our applications with AppScan before going to the production side. We have been using it for many years. It's honestly one of the best products in the application security the portfolio. We aren't using it on the cloud. View full review »
IbmBusin660a
IBM Business Manager at a tech vendor with 501-1,000 employees
Our clients use it to try to find errors in base code, and also to find how solutions work together. I believe they have on-premise usage; they are local government, so they are not very used to using the cloud. View full review »
it_user279198
CEO at a government
We use it for all website development and web-based applications, as part of our development test cycle and QA. We also routinely use it on existing applications in production because, in terms of security and vulnerabilities, some of the latter exist on some of the platforms that we run. So we run it from time to time, to do some security checks, etc. View full review »
Shaikh Jamal Uddin
Senior Information Security Consultant at Secure Coat
The primary use case is to detect time-based Blind SQL Injection attacks, as well as Error-Based Injection attacks. The SQL injection attack is my favorite and I have more expertise in this vulnerability. View full review »
Amr Elakkad
Business Development Manager at a tech services company with 10,001+ employees
It is an application for security assessment or scanning for static environments. With all customers, it is performing well. View full review »
PeopleLe1e05
People Leader Of Cyber Strategy And Solutions at a insurance company with 10,001+ employees
It is used as a last check before moving code to production. Therefore, it is used as a developer tool. View full review »
Sungmin Chun
Chief researcher with 11-50 employees
External and internal web application vulnerability scan. View full review »
Find out what your peers are saying about HCL, Micro Focus, Veracode and others in Application Security. Updated: October 2019.
372,906 professionals have used our research since 2012.
Sign Up with Email