AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.
N/A
IBM Spectrum Accelerate
Score 9.0 out of 10
N/A
IBM Spectrum Accelerate is an enterprise software defined block storage solution.
I would say that HCL AppScan is very simple to understand and use since it uses a user-friendly interface and the terminologies that are used in the interface of the application is very clear. We can automate a scan with any third party like Jenkins. The fact, I don't like is the time takes to execute the application, it should be better.
An IBM Spectrum Accelerate system requires sufficient physical connectivity with 10-Gigabit Ethernet (10 GigE) connections. Virtual networking switches must be associated with the physical network and the virtual network ports. In addition, it is highly recommended to provide multiple physical network device connections to each IBM Spectrum Accelerate module for network redundancy in case of network device failure.1. Distributed RAID2. Easy Tier3. Comrpession4. Storage Pool Balancing.
AppScan works well in finding application vulnerabilities such as SQL injection, cross-site scripting and all of the OWASP top 10.
Flexible reporting allows us to generate executive reports for application owners as well as separate technical reports for developers and system engineers.
Technical reports include remediation information and cross reference CVSS scores
Because it maintains data on all repeated assessments it helps us to do trending and metrics on compliance
The functions you want, the points that are difficult to understand.
Issues presented in the vulnerability diagnostic report may not be fully explained and not well understood.
You may think it is very basic and natural, "diagnose screen after login" "diagnose according to input transition ⇒ confirmation ⇒ completion" but to do all this, you need regular expressions, and macros, there are many products that require you to write scripts.
Once it is successfully deployed, the XIV technology software-defined storage solution – namely IBM Spectrum Accelerate – is reasonably easy to operate, manage, monitor, and maintain.
As a virtual appliance application, IBM Spectrum Accelerate must run on a VMware ESXi hypervisor. Consequently, the planning must necessarily encompass different ESXi environment aspects, including network, storage, virtual machine resources, and general cluster configuration.
When we used Veracode, it takes a-lot of time to run a source code analysis. It's user interface is also bit clumsy. So we switched to HCL AppScan. It enables enterprises to scan internal and external applications for vulnerabilities. It provides quick and easy access to the most updated security guidelines by scanning applications against the OWASP Top 10 vulnerabilities.
