-
Products
- Alphabetical List
- Business & Industry Applications
- Cybersecurity
- Data and Analytics
- AI and Intelligent Operations
- Total Experience
- Sovereign Collaboration
- Specialized Software
- HCL Actian
- HCL Actian Data Platform
- HCL Actian Ingres
- HCL Aftermarket Cloud
- HCL AppScan
- HCL Automation Orchestrator
- HCL Automation Orchestrator Suite
- HCL BigFix
- HCL CAMWorks
- HCL Clara
- HCL Commerce Cloud
- HCL Connections
- HCL Customer Data Platform
- HCL DataConnect
- HCL DFMPro
- HCL Discover
- HCL Domino
- HCL DX
- HCL DevOps Code ClearCase
- HCL DevOps Code RealTime
- HCL DevOps Deploy
- HCL DevOps Plan
- HCL DevOps Model RealTime
- HCL DevOps Test
- HCL DevOps Test Embedded
- HCL DevOps Velocity
- HCL Glovius
- HCL Hero
- HCL HIVE
- HCL iAutomate
- HCL iControl
- HCL Informix
- HCL IntelliOps
- HCL IntelliOps Event Management
- HCL iObserve
- HCL Leap
- HCL Link
- HCL Mainframe Solutions
- HCL Marketing Cloud
- HCL Marketplace
- HCL MyCloud
- HCL MyXalytics
- HCL Nippon
- HCL Notes
- HCL Now
- HCL SafeLinx
- HCL Sametime
- HCL Secure DevOps
- HCL SX
- HCL TX Platform
- HCL Unica
- HCL Vector Analytics
- HCL Verse
- HCL Volt MX
- HCL Workload Automation
- HCL Z Asset Optimizer
- HCL Z Abend Investigator
- HCL Z and I Emulator
- HCL Zeenea Data Discover Platform
- HCL Zen Edge Data Management
- HCL Aftermarket Cloud Aftermarket-led growth platform
- HCL Commerce Cloud Enterprise e-commerce for B2C and B2B
- HCL CDP Flexible and customizable customer data platform
- HCL Discover Behavioral insights for customer journeys
- HCL Marketing Cloud Fueling precision marketing at scale with AI
- HCL Unica Enterprise marketing automation platform
- HCL AppScan Scans for application vulnerabilities
- HCL BigFix Secure endpoint management
- HCL BigFix Compliance Ensure security with continuous, real-time compliance monitoring
- HCL BigFix CyberFOCUS Supercharging IT operations to secure the enterprise
- HCL BigFix Remediate Automate, remediate & secure endpoints
- HCL Actian Empowers the data-driven enterprise
- HCL Actian Data Platform Data services suite; flexible deployment
- HCL Actian Ingres Legendary transactional RDBMS
- HCL DataConnect Low-code integration platform
- HCL Zeenea Data Discover Platform Cloud-native data governance solution
- HCL Zen Embeddable edge data management
- HCL Automation Orchestrator Suite Accelerate IT and business automation
- HCL BigFix Secure endpoint management
- HCL BigFix AEX AI-driven employee experience accelerating productivity and innovation
- HCL BigFix Enterprise+ An all-in-one IT infrastructure automation offering enabling you to stay ahead of cyber threats
- HCL BigFix Workspace+ Fueling GenAI within the Digital+ experience
- HCL iControl HCL iControl is a business flow and process observability solution
- HCL MyXalytics Cloud finOps visibility and insights
- HCL SX Service management for everything-as-a-service delivery
- HCL Workload Automation Simplify and automation business workflows
- HCL Connections Collaboration and task management in one workspace
- HCL Domino Rapid application development platform
- HCL Leap No code citizen app dev
- HCL Link Connectivity across your digital ecosystem
- HCL Notes Comprehensive email and collaboration hub
- HCL SafeLinx Secure and flexible remote access to enterprise applications
- HCL Sametime Secure meetings, video, and chat communications
- HCL Verse Smart and secure enterprise email for seamless workflow
- HCL Augmented Network Automation (SON)Intelligent RAN automation platform
- HCL Automation Orchestrator Suite Accelerate IT and business automation
- HCL DFMProCAD integrated Design-for-Manufacturing platform
- HCL CAMWorksCAM for machining productivity
- HCL GloviusModern lightweight CAD Viewer
- HCL Mainframe Optimization Optimize, modernize, and innovate your mainframe investments
- HCL Secure DevOps Automated testing and security scanning
- Industries
- Partners
-
Persona
- HCL Commerce Cloud Enterprise e-commerce for B2C and B2B
- HCL CDP Flexible and customizable customer data platform
- HCL DX The DXP for the moments that matter
- HCL Marketing Cloud Fueling Precision Marketing At Scale with AI
- HCL Unica Enterprise marketing automation platform
- HCL Volt MX Multi-experience low code app dev
- HCL Actian Ingres Legendary transactional RDBMS
- HCL Actian Data Platform Data services suite; flexible deployment
- HCL AppScan Scans for Application Vulnerabilities
- HCL BigFix Secure endpoint management
- HCL BigFix AEX AI-driven employee experience accelerating productivity and innovation
- HCL BigFix Enterprise+ An all-in-one IT infrastructure automation offering enabling you to stay ahead of cyber threats
- HCL BigFix Workspace+ Fueling GenAI within the Digital+ experience
- HCL DataConnect Low-code integration platform
- HCL Foundry Secure Backend Services
- HCL iControl HCL iControl is a business flow and process observability solution
- HCL MyXalytics Cloud FinOps visibility and insights
- HCL SX Service management for everything-as-a-service delivery
- HCL Universal Orchestrator Orchestrate and optimize business automation
- HCL Vector Analytics A high-performance, secure vectorized columnar analytics database
- HCL Workload Automation Simplify and automation business workflows
- HCL Zen Embeddable edge data management
- Learn & Support
HCLSoftware News
HCL AppScan Expands its Software Supply Chain Security Capabilities with Active Application Security Posture Management
MOUNTAIN VIEW, CA, and NOIDA, India – (May 7, 2024) - HCLSoftware, a global leader in enterprise software solutions, announced today at RSA Conference (RSAC) 2024 in San Francisco, the launch of HCL AppScan Supply Chain Security (in partnership with OX Security), an active application security posture management platform to help organizations improve the security of their software supply chains. RSAC is one of the largest events worldwide dedicated to bringing together thousands of cybersecurity industry professionals.
In today's Digital+ economy, where innovation and agility are keys to success, ensuring the security of the entire software supply chain is more critical than ever. Supply chain attacks have increased exponentially as developers have adopted wider and wider use of open source and third-party applications, often with little attention to the vulnerabilities and risks that they bring.
The use of these out-of-the-box open source and third-party solutions is key to maintaining the fast pace of software development. Development time is greatly reduced if a team does not have to develop a portion of code or a software component from scratch.
“What we are seeing globally is that the use of open-source components and libraries have not received nearly the same level of security scrutiny that is applied when writing proprietary code.” said Rajesh Iyer, Executive Vice President, HCLSoftware. “The risk that organizations are facing requires a whole new level of oversight and visibility.”
High-profile events such as the 2020 SolarWinds attack, which was perpetrated by Russian sponsored hackers, was a watershed moment for software supply chain security. Since then, we have witnessed other attacks from the 2021 discovery of vulnerabilities in the popular Log4j open-source software to a 2024 malicious backdoor in the xz software library.
Some of the most significant attacks in 2023 were aimed at Telecom and IT where VoIP and file transfer software were targeted impacting thousands of businesses and millions of individuals costing close to $10 billion in damages. Healthcare care groups and the financial sector were notable targets impacting millions of patients whose social security numbers were stolen, while millions had their financial information exposed. Unfortunately, these attacks have become all too common.
As the number and severity of costly software supply chain attacks has risen there has been a steady increase in government compliance standards around the world. The recent US executive order 14028 is a good example that defines which software components are critical and the security measures needed for their use.
All of this is driving organizations to reconsider their entire approach to risk management and a demand for full end-to-end visibility and oversight of every aspect of their software development. In response to this overwhelming need, HCLSoftware delivers increased benefits to customers with the launch of HCL AppScan Supply Chain Security in partnership with OX Security.
HCL AppScan Supply Chain Security provides customers with the increased benefits of Active Application Security Posture Management (Active ASPM), a pioneering approach that empowers organizations to maintain a proactive security posture across their entire software landscape. Active ASPM integrates best-in-class application security testing with robust posture management and software supply chain security. This complete package provides you with full visibility of all risk factors and in-depth assessment tools that let you triage and remediate vulnerabilities in record time.
Highlights include:
- Pipeline Bill of Materials (PBOM) is a dynamic list of everything a piece of software has gone through and provides unparalleled visibility from code to cloud and traceability from cloud to code.
- Prioritize risk with active context that classifies all application components based on environment, attack vectors, and business criticality.
- Maintain software pipeline integrity from a single location where you can collect all data and orchestrate DevSecOps activities
- Seamlessly integrate your SAST, DAST, and SCA test findings into centralized dashboards for faster triage.
- Automate No-code workflows to quickly push action items to the right people for faster remediation times.
According to Katie Norton, Research Manager for DevSecOps and Software Supply Chain Security at IDC, "Increasing attacks on the software supply chain pose a significant business risk to medium and large-scale organizations. Many of them are struggling to identify security blind spots within their development pipelines. To stay ahead of these attacks more effectively, organizations should consider solutions like HCL AppScan Supply Chain Security to automate their discovery, prioritization, and remediation efforts based on exploitability insights."
For more information about HCL AppScan Supply Chain Security release, please visit: https://www.hcl-software.com/appscan.
About HCLSoftware
HCLSoftware, the software business division of HCLTech, fuels the Digital+ economy by developing, marketing, selling and supporting solutions in four key areas: digital transformation; data and analytics; AI and intelligent automation and enterprise security. HCLSoftware drives customer success through relentless product innovation for more than 20,000 organizations, including a majority of the Fortune 100 and almost half of the Fortune 500.