Cloud-Native Application Security

Cloud-Native Application Security

video 1:18

HCL AppScan 360º – Unified cloud-native application security, deployable anywhere

Cloud-Native Application Security


Our fast, accurate, agile application security testing is now deployable anywhere. Achieve continuous security and manage risk and compliance with the industry’s most comprehensive set of integrated testing and remediation solutions including static, dynamic, interactive, open source, container scanning, API testing and more. Born on the cloud, HCL AppScan 360˚, is a cloud-native application security platform built on modern unified architecture that you can deploy as self-managed on-prem, private cloud, public cloud, as-a-service, and more.

Benefits

HCL AppScan 360º allows you to manage risk effectively with a single application security platform

Features

Enhanced security with machine learning capabilities

HCL AppScan 360º provides more accurate scans in less time with proven machine learning capabilities that deliver deeper and faster scan coverage and eliminate false positives. The AppScan slider for SAST empowers you to appropriately trade off speed vs. coverage, for distinct phases of the DevOps pipeline.

Easy integration and automation in the software development pipeline

HCL AppScan 360º integrates easily with leading build environments, DevOps tools and IDEs (integrated development environments), and provides a frictionless cloud native application security testing experience. A rich set of APIs enable customized automation with “out of the box” plug-ins.

Comprehensive Cloud-native Application Security Testing Suite

Comprehensive Cloud-native Application Security Testing Suite

Comprehensive Cloud-native Application Security Testing Suite


Version 1.3 of HCL AppScan 360º is self-managed with both DAST and SAST technology. Future releases will expand the platform to include our entire set of integrated testing capabilities, all currently available as-a-service with HCL AppScan on Cloud.

Available Today

  • Dynamic analysis (DAST): Test web applications and APIs against potential vulnerabilities while applications are running
  • Static Analysis (SAST): Analyze source code in applications and APIs for potential vulnerabilities throughout the development life cycle
  • Centralized application security management platform with customizable dashboards, policies and postures
  • Self-managed on-premises and private cloud deployment options built on a fully Kubernetes cloud-native architecture
  • Increased plug-ins for IDEs and CI/CD tools for SAST and DAST automation
  • DTS integration and robust APIs for customized automation

Coming Soon

  • Interactive Analysis (IAST): Monitor web applications and APIs to help find and fix vulnerabilities without slowing down development
  • Software composition analysis (SCA): Identify vulnerabilities introduced by open-source software components
  • Increased deployment options, including MSP and federal support

Featured Resources