AppScan Standard is a dynamic application security testing tool designed for security experts and pen-testers.

Using a powerful scanning engine, AppScan automatically crawls the target app and tests for vulnerabilities. Test results are prioritized and presented in a manner that allows the operator to quickly triage issues and hone-in on the most critical vulnerabilities found. Remediation is made easy using clear and actionable fix recommendations for each issue detected.

As a result, continuously testing and assessing risk for web services and applications helps prevent a damaging security breach.

Most powerful DAST scanning engine in the industry

Statistical analysis test optimization provides control on the trade-off between speed and coverage, and enables faster scans with minimal impact on accuracy.  Leverage proprietary, action-based technology and tens-of-thousands of built-in scans.

Comprehensive security testing suite

Test web apps, web services and mobile back-ends. Rich reporting helps AppScan users effectively triage and resolve critical vulnerabilities, and continuously assess the security posture of the applications for compliance.

Handles complex use cases and application flows

AppScan users can tailor testing to suit the needs of most complex apps, by recording complex multi-step sequences, dynamically generating unique data and tracking a diverse set of headers and tokens.

Optimized testing for maximum impact with minimum effort

Test optimization algorithms deliver an optimal trade-off between speed and coverage, to enable faster scans with minimal impact on accuracy.


Prevent Compromise

Detect vulnerabilities using powerful scanning engines and fix them before hackers discover them

Market Proven

Test even the most complex web applications

Cost-effective Testing

Prioritized results and actionable fix recommendations

One Testing Suite

Security testing for web apps, web services and mobile back-ends

Actionable Reporting

Actionable fix recommendations for each vulnerability detected simplify remediation

Regulatory Compliance

Achieve compliance with industry standards and benchmarks such as PCI DSS, HIPPA, OWASP top 10, SANS 25 and more