AppScan provides security testing throughout the application development lifecycle, easing unit testing and security assurance early in the development phase. Appscan scans for many common vulnerabilities, such as cross site scripting, HTTP response splitting, parameter tampering, hidden field manipulation, backdoors/debug options, buffer overflows and more. AppScan was merged into IBM's Rational division after IBM purchased its original developer (Watchfire) in 2007.
For downloads and more information,
visit the AppScan homepage.
Been using Appscan for over 5 years now, among others and have found it to be the best Web Application Scanner of its class.
Its support is excellent and although the tool is not cheap when it comes to web scanners, in my humble opinion you do get what you pay for.
And before I cause a row - it is not a substitute for manual penetration testing by any means, but another good tool in the arsenal!
Along with your rating, you can use the comment form to post a review,
tutorial, tips and tricks, or anything else others will find useful.
If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).