IBM Security AppScan Benefits

Director3005
Director Of Product Cyber Security at a aerospace/defense firm with 10,001+ employees
It helps the organization the way we process the entire thing. It has actually helped a little bit with the speed of delivery too, which was surprising because most people thought it would be the other way around. IBM Applications Security has contributed to the maturity of our AppSec risk management program. We've been working on our risk management program overall, for security development, and this has been a great asset to have. We also use the solution to security test open-source applications. I'd say better than 70-75% of our applications are open-source. To me, a lot of people overly focus on open-source. That's because they believe that all the closed-source or proprietary is, in fact, secure. That's not necessarily the case. The issue is, when you take code and you're combining these different proprietary and open-source, packages, you have to test them all in the context where you're using them. And therein is the real issue. To me, it's not so much about the open-source, it's about all code. I believe all code has something that I have to look at. We have a number of projects running concurrently, so I look at the aggregate. I try not to go to what's done on a single product. However, having said that, since we had nothing in dynamic and now we do, that's a huge improvement. You might say then that it was 100% improvement. I don't know if I would give it quite that number, but it is a huge improvement. It's quite near that number. View full review »
Managingaf0a
Managing director at Accenture
It decreases the operational risk, security risk, a lot. In fact, when we first used it, the number of vulnerability alerts generated by the tool was huge. As time goes on, we can decrease those vulnerabilities because we learn from it. So, in the next release of the software, or new software that we have to develop, we know upfront that we should take care of some of the characteristics of the software. View full review »
Rodolfo San Vicente
CTO at Anzen
Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production. AppScan has absolutely contributed to the maturity of our AppSec risk management. I would rate that maturity at only nine out of 10 because there are things that we could be doing better. Not only because of our internal processes, but because we need to adopt to the clients' processes, and that adopting always has small gaps. But generally, it's pretty awesome. We don't use it to security test open-source applications but we do use it for open-source models, or libraries. View full review »
Find out what your peers are saying about Veracode, SonarQube, Micro Focus and others in Application Security. Updated: May 2019.
348,558 professionals have used our research since 2012.
TimHill
Director For Security Products at a manufacturing company with 10,001+ employees
It has certainly helped us find vulnerabilities in our software, so this is priceless in the end. IBM Application Security has contributed to the maturity of our AppScan risk management program. While it depends on the product, on average ten percent of our code is open source. Many products are either zero percent open source or maybe up to ten percent. They could possible be up to twenty percent open source, but never more than that. View full review »
SeniorCl3552
Senior Cloud Architect at a tech company with 1,001-5,000 employees
It provides a better integration for our ecosystem. From a Fortinet perspective, this can lead to integration of selling our own products. View full review »
SeniorSe47a0
Senior Security Specialist at a transportation company with 10,001+ employees
It has contributed to the maturity of our AppSec risk management program. I would rate that maturity level as eight out of 10. The testing part of your application's security is very valuable. You can't avoid that. Applications are the faces of companies to the world. How much your application is secure equals how much your brand is secure. AppScan is a very major part of of the story. We don't use it to test open-source code. View full review »
IbmBusin660a
IBM Business Manager at a tech vendor with 501-1,000 employees
I'm mainly working on the licensing side and not the technical side, so I don't get this kind of feedback. View full review »
it_user279198
CEO at a government
It has certainly improved our organization In terms of quality of solutions that are developed. View full review »
Applicat0b5f
Application Security Consultant at a financial services firm with 10,001+ employees
The benefits are that we that we can find security vulnerabilities fast, get that back to development teams, and report on those. They can then act, fix the issues, and we'll have a secure code in place. View full review »
Shaikh Jamal Uddin
Information Security Lead Consultant at Secure Coat
This solution saves us time due to the low number of false positives detected. Other scanners have an issue with respect to reporting false positives. View full review »
Prasoon Nigam
Security Consultant at a consultancy with 10,001+ employees
IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability. View full review »
PeopleLe1e05
People Leader Of Cyber Strategy And Solutions at a insurance company with 10,001+ employees
With AppScan, we are now deploying less defects to production. View full review »
Sungmin Chun
Chief researcher with 11-50 employees
* We were able to easily diagnose a large number of web applications automatically. * The depth was low, but the part that the user could miss was also diagnosed. View full review »
Find out what your peers are saying about Veracode, SonarQube, Micro Focus and others in Application Security. Updated: May 2019.
348,558 professionals have used our research since 2012.

Sign Up with Email