AppScan was originally developed by
Israeli software company
Sanctum Ltd. (formerly Perfecto Technologies) and was first released in 1998. A year later,
Sanctum expanded its web security service and launched an
Application firewall, called
AppShield. The first version of AppShield was developed by a team led by
Gili Raanan, and was running on a dedicated
Linux server. AppScan version 2.0 was released in February 2001, adding a policy recognition engine and knowledge database, an automatic and customizable crawler engine, and an attack simulator. Version 3 was released in April 2002, adding collaborative testing capabilities, where different tasks can be assigned to different testers; and a number of user interface enhancements in both the scanning and reporting sections of the program. By 2003 AppScan was used by over 500 enterprise customers and had nearly $30 Million (USD) in annual revenue. In July 2004, Sanctum was acquired by
Massachusetts based company
Watchfire, which developed a web applications management platform named WebXM. AppScan became Watchfire's flagship product and
Sanctum's R&D center in
Herzliya, Israel, became Watchfire's main R&D location.
Watchfire R&D center was incorporated into
IBM R&D Labs in Israel. In 2009 IBM acquired
Ounce Labs and added yet another tool to AppScan to find and correct vulnerabilities in software source code. This new version was quickly re-packaged as a separate edition of AppScan: AppScan Source Edition. In June 2019, HCL acquired select IBM collaboration, commerce, digital experience, AppScan and BigFix solutions. ==References==