Security AppScan explained

HCL AppScan (previously known as IBM AppScan) is a family of desktop and web security testing and monitoring tools, formerly a part of the Rational Software division of IBM. In July 2019, the product was acquired by HCLTech^[1] and is currently marketed under HCLSoftware, a product development division of HCLTech.

History

AppScan was originally developed by Israeli software company Sanctum Ltd. (formerly Perfecto Technologies) and was first released in 1998.^[2] A year later, Sanctum expanded its web security service and launched an Application firewall, called AppShield.^[3] The first version of AppShield was developed by a team led by Gili Raanan, and was running on a dedicated Linux server.

AppScan version 2.0 was released in February 2001, adding a policy recognition engine and knowledge database, an automatic and customizable crawler engine, and an attack simulator.^[4] Version 3 was released in April 2002, adding collaborative testing capabilities, where different tasks can be assigned to different testers; and a number of user interface enhancements in both the scanning and reporting sections of the program.^[5] By 2003 AppScan was used by over 500 enterprise customers and had nearly $30 Million (USD) in annual revenue.^[6]

In July 2004, Sanctum was acquired by Massachusetts based company Watchfire, which developed a web applications management platform named WebXM. AppScan became Watchfire's flagship product and Sanctum's R&D center in Herzliya, Israel, became Watchfire's main R&D location.

In June 2007, Watchfire was acquired by IBM and incorporated into the Rational Software product line, enabling IBM to cover more of the application development lifecycle with the addition of a new tool to help developers further bolster the security of the application itself.^[7] Watchfire R&D center was incorporated into IBM R&D Labs in Israel.^[8]

In 2009 IBM acquired Ounce Labs and added yet another tool to AppScan to find and correct vulnerabilities in software source code. This new version was quickly re-packaged as a separate edition of AppScan: AppScan Source Edition.^[9]

In June 2019, HCL acquired select IBM collaboration, commerce, digital experience, AppScan and BigFix solutions.^{[10] [11]}

Notes and References

1. Web site: HCL now fully controls IBM software including Notes and Domino. Kwan. Campbell. ZDNet. en. 2019-09-16.
2. News: Perfecto Technologies Becomes Sanctum, Inc.; Pioneering Automated Web Application Control and Security Changes Name.. BusinessWire. 21 June 2000.
3. News: New tool blocks wily e-comm hacker tricks. Ellen Messmer. 7 September 1999. 17 November 2010. CNN.
4. News: Mimoso. Michael S.. AppScan release secures Web applications. SearchSecurity. 6 February 2001.
5. News: Costello. Sam. Sanctum boosts tests, reports in AppScan 3.0. Computerworld. 30 April 2002.
6. News: Sanctum acquired by Watchfire. Israel Venture Capital Research Center. 26 July 2004. dead. https://archive.today/20070810083415/http://www.ivc-online.com/ivcWeeklyItem.asp?articleID=2015. 10 August 2007.
7. News: Ogren. Eric. AppScan lives on with IBM. Computerworld. 8 June 2007. dead. https://web.archive.org/web/20110131081131/http://blogs.computerworld.com/node/5652. 31 January 2011.
8. News: Watchfire Israel goes to IBM. Globes. 7 June 2007.
9. News: Rick. Whiting. IBM: Design Security Into New Applications During Development. CRN. 8 June 2010.
10. https://www.ibm.com/supply-chain/hcl-divestiture HCL Technologies to acquire select IBM software products
11. https://www.hcltech.com/press-releases/products-and-platforms/hcl-technologies-acquire-select-ibm-software-products-18b HCL Technologies to Acquire Select IBM Software Products for $1.8B