HCL AppScan 2025 Highlights: A Year of Innovation and Impact

As 2025 comes to a close, it’s important to reflect on what has been a landmark year for application security—and for HCL AppScan. This year wasn’t just about keeping pace with the rapidly evolving DevSecOps landscape; it was about leading the way. From groundbreaking innovations to industry recognition, HCL AppScan has redefined what it means to deliver a truly comprehensive, end-to-end, AI-powered AppSec platform.

Whether it was earning “leadership” recognition in the Gartner® Magic Quadrant™, launching next-generation capabilities like AppScan 360º 2.0, or empowering developers with cutting-edge AI tools like RapidFix, 2025 was a year of bold strides and transformative impact. Let’s look back on six key milestones that shaped HCL AppScan’s incredible journey this year—and set the stage for an even more secure digital future.

1. HCLSoftware named A Leader: 2025 Gartner® Magic Quadrant™ for Application Security Testing

We're proud to share that on October 7, HCLSoftware was named a Leader in the 2025 Gartner® Magic Quadrant™ for Application Security Testing (AST) for its product HCL AppScan.

As enterprises accelerate their shift to DevSecOps and cloud-native architectures, the Application Security Testing market is undergoing a transformation. HCL AppScan has built a portfolio of AI-powered solutions aligned with this evolution that deliver comprehensive, developer-centric security testing across the entire software development lifecycle.

“In our view, being named a Leader in the Gartner Magic Quadrant isn’t just validation—it’s a signal to the market that HCL AppScan is redefining how security fits into modern development,” said Raj Iyer, EVP and Portfolio General Manager, HCLSoftware. “We’re not just scanning code; we’re enabling secure innovation at scale. In a world where speed wins, AppScan makes sure security doesn’t lose.”

Read the Gartner report.

2. The Launch of AppScan 360º 2.0: The Next-Gen Platform

In early September we achieved a major milestone with the launch of HCL AppScan 360º 2.0. This release marks the first time the entire HCL AppScan suite of testing technologies (including SAST, DAST, IAST, SCA, API Testing, IaC, and Secrets scanning) is available in a single, on-premise, cloud-native, container-based platform. 

HCL AppScan 360º is designed for secure digital sovereignty. Organizations can eliminate blind spots, enforce security policies, and get visibility across their entire application portfolio, all while keeping sensitive data secure within their self-managed infrastructure.

Version 2.0 delivers the industry’s only platform-based on-prem SCA to address fragmented toolchains and supply chain risks. Teams working in on-prem environments can now generate and share proprietary Software Bill of Materials (SBOMs) without exposing data to the cloud. 

Customers are also excited about the wide array of time and resource-saving benefits including built-in AI to reduce false positives, IAST to help correlate findings for efficient triage, and Autofix recommendations with GenAI context, to fix issues faster. 

Read more here.

3. Securing the Digital Gateway with End-to-End API Security

2025 saw the sheer volume and complexity of APIs reach new highs, making them one of the most essential as well as most targeted parts of modern systems. Recognizing this shift, on April 23, HCL AppScan expanded beyond standalone API testing to deliver a full end-to-end API security solution designed to protect this expanding surface.

The new HCL AppScan API Security offering unifies continuous discovery, in-depth API testing, and strong posture governance to provide a truly holistic approach — eliminating shadow, zombie APIs, and other blind spots that attackers often exploit. This creates a future-ready foundation that evolves with modern development and gives teams clearer visibility and greater confidence across their entire API landscape. 

Learn more.

4. Introducing RapidFix: AI-Powered Triage and Remediation

Remediating vulnerabilities is where true application security begins—detection is just the starting point. That’s why in April, we introduced HCL AppScan RapidFix, a cutting-edge solution designed to speed up the triage and remediation phase of the DevSecOps cycle.

Powered by agentic AI, RapidFix doesn’t just identify vulnerabilities; it delivers precise, automated remediation recommendations and ready-to-use code snippets directly to developers. By drastically reducing the time and effort needed to address security flaws, RapidFix has redefined efficiency for development teams across the globe, empowering them to secure applications faster than ever before. 

Read more here.

5. The Application Security AI Evolution/Revolution

HCL AppScan has a decade long history of incorporating AI into our technologies, primarily for increasing scan breadth and accuracy. But 2025 saw a number of new AI-related capabilities come online both to improve AppSec performance and also to better secure AI itself.

In the early summer, we introduced GenAI error page detection for edge cases where our traditional DAST (Dynamic Application Security Testing) needed help to accurately validate suspicious responses. By leveraging GenAI via Azure OpenAI, we have improved scan accuracy with minimal impact on speed.

This December we flipped the script to focus on securing AI itself–in this case, LLM-augmented web applications that can introduce significant security risks, such as prompt injection and data leaks, and which traditional security scans are unable to prevent. HCL AppScan DAST for LLM-augmented web applications offers a powerful new capability that dynamically tests chat endpoints by simulating attacks, identifying a wide range of LLM-specific risks, and providing full transcripts and remediation guidance.

As we look ahead to 2026, and work to help our customers futureproof against fast changing security needs, expect more AI-powered AppSec capabilities, and more AI-focused security.

6. Expanding Industry Momentum and Notable Awards

Beyond the Gartner recognition, 2025 was a year of expanded influence for HCL AppScan. We proudly received multiple industry accolades that highlighted our product excellence, customer success, and leadership in securing applications across the full development lifecycle.

We were honored with the Fortress Cybersecurity Award, the Global InfoSec Awards, and the Gold Award at Globee® Awards for Technology, celebrating our continued innovation and commitment to delivering best-in-class application security solutions.

Thank you to our customers, partners, and the entire HCL AppScan team for making 2025 a pivotal year. We look forward to continuing this momentum and securing the Digital+ economy together in 2026!