IBM Support

IBM Security AppScan Enterprise v8.8 now available

Downloadable files


IBM Security AppScan Enterprise Version 8.8 has been made generally available on the IBM Passport Advantage website.

Download Description

Tab navigation

This release is a full product download.

  • Passport Advantage clients: Passport Advantage and Passport Advantage Express clients are required to sign in to Passport Advantage Online to download the image.

  • Non-Passport Advantage clients: If your organization did not purchase your software and support through Passport Advantage or Passport Advantage Express, you are required to sign in to the new IBM Software Group OEM Portal to download the image.

    Note: This includes clients with Flexible Contract Type (FCT) license purchases and IBM Business Partners.

    For assistance with the IBM Software Group OEM Portal, visit the eCustomer care page.

Here are the main new features and enhancements in this release:

  • Enhanced encryption (support for TLS 1.2), and compliance with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.
  • Leverage the scalability of the AppScan Enterprise Dynamic Analysis Scanner by importing and scheduling scans configured with the AppScan Standard desktop application.
  • Reuse functional QA test scripts and implement Dynamic Analysis security testing automation via new REST API interfaces.
  • More flexibility for configuring decentralized AppScan Enterprise administration via finer custom user type settings for adding, deleting, and editing users and groups.
  • Updated OWASP Top 10 (2013) report for identifying noncompliance issues.
  • Microsoft Windows Server 2012 support.
  • Windows authentication support for AppScan Source clients.

The following features were removed in this release:
  • Support for Windows 2003, XP, Vista and Internet Explorer 7
  • Support for Rational Team Concert™
  • Support for Microsoft .NET 4.0
  • Web application file analysis for malware
  • Infrastructure scans and reports
  • Interaction tool for recording a login sequence
  • Custom functions for cookie/parameter tracking
  • Legacy Inventory reports - Website Technologies, Web Applications, Server Side Image Maps, Missing Alt Attribute, Multimedia Content, Image Catalog


Supporting Documentation
Document Description
Detailed System Requirements A detailed list of the supported hardware, operating systems and information related to IBM and third party software requirements.
Information Center Browse or search on-line information related to the deployment, configuration and usage of the product.

Installation Instructions

A Planning & Installation Guide is included in the download package at IBM Passport Advantage. This document is also available at the IBM Publications Center.

AppScan Enterprise Planning Installation Guide English 691

Download package

These download packages are available at IBM Passport Advantage:

IBM Security AppScan Enterprise Server V8.8 Multiplatform Multilingual eAssembly (Part Number CRP3SML)
This download package includes:

  • Quick Start Guide - IBM Security AppScan Enterprise V8.8 Multilingual (Part Number CIQT1ML)
  • IBM Security AppScan Enterprise Server V8.8 Windows Multilingual (Part Number CIQT3ML)
  • IBM Security AppScan Enterprise Server V8.8 Linux Multilingual (Part Number CIQT4ML)
  • Rational License Server Key V8.1.4 Multilingual (Part Number CRP2XML)
  • IBM WebSphere Application Server V8.0 Multiplatform, Multilingual (Part Number CZM9HML, CZM9IML, CZM9JML, CZVG3ML)
  • IBM WebSphere Application Server V8.0 Supplements Multiplatform, Multilingual (Part Number CZM91ML, CZM94ML, CZM95M, CZXR9ML)
  • IBM Installation Manager V1.4.3.1 for Linux x86 Multilingual (required Install WebSphere Application Server V8.0) (Part Number CZM8XML)
  • IBM Installation Manager V1.4.3.1 for Windows x86 Multilingual (required Install WebSphere Application Server V8.0) (Part Number CZM90ML)

IBM Security AppScan Enterprise Dynamic Analysis Scanner V8.8 Multilingual eAssembly (Part Number  CRP3TML )
This download package includes:
  • Quick Start Guide - IBM Security AppScan Enterprise V8.8 Multilingual (Part Number CIQT1ML)
  • IBM Security AppScan Enterprise Dynamic Analysis Scanner V8.8 Windows Multilingual (Part Number CIQT2ML)

How critical is this fix?


Problems solved

PM83554 ASE false-positive: SSL Certificate Domain Name Mismatch thrown for compound subjectAltName
PM88919 In-session check does not use updated param value of previous request when tracked dynamically
PM88952 ASE: Duplicate cookie values can cause out of session issues with a scan
PM89591 Error generating PDF report in ASE when using data from Source
PM89592 ASE Japanese Detailed Security Report shows incorrect Japanese
PM90490 Getting Error Code: 0x8004072c in ASE 8.7
PM90674 Suspending and resuming a job can result in an increasing entity count
PM90811 ASE dashboard shows mixed languages against Source import data
PM91650 ASE Multiple Issues with Detailed PDF reports in Japanese
PM91681 The requested name is valid, but no data of the requested type was found.
PM91997 Web Services browser for ASE 8.7 does not save the .zip file on Windows 7 and XP
PM92529 ASE Retesting an issue results in "Incomplete".
PM93262 ASE: Typo in Cacheable SSL Page Found PV Fix Remediation text
PM93457 Cacheable SSL Page Remediation text is incomplete/incorrect
PM93638 ASE: Post processing slow with batch update from local db to central db over remote connection
PM94017 407-Proxy authentication failure error during manual explore
PM94053 ASE 8.7: Export Detailed Security Issues to PDF hangs.
PM94147 ASE default installation should configure Jazz with "Use Case Insensitive user ID matching" set to "true"
PM94481 "Scan task taking more time than expected" when server stopped responding to NTLM requests
PM94940 Data for CipherSuitsRef not copied to SQL
PM95173 ASE false positive: HTTP Request Forwarding (Web Proxy) Detected
PM95211 AppScan - scans started on different agents than the designated agent
PM95282 ASE Re-test of Web Services scan issue sits in 'Pending' state.
PM95547 XSS Probes response wrong analysis leads to slow scan and XSS vulnerability missing
PM96996 ASE: Manual Explore can throw Invalid URI: Invalid port specified error
PM97302 ASE: Attempts to delete a folder throw an error Folder cannot be deleted
PM92237 Compliance report "WASC Threat Classification" is not up to date
PM90261 Appscan Enterprise shows misleading message when all licenses are in use

Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
Passport Advantage 22 Oct 2013 English 3608958522 HTTPS

Technical support

Licensing Information

Consult Licensing for AppScan Enterprise.

Helpful Hints For Obtaining Technical Assistance

Before you contact IBM Security Software Support, gather the background information that you need to describe the problem. When creating the ticket give the following information:

  • What operation did you performed, and what error message have you received?
  • The background information and context to understand the issue.
  • Version of AppScan Enterprise. Make sure you are opening the ticket for AppScan Enterprise (there are several AppScan products supported by different teams).
  • Impact of the issue on your organization, schedule, deadlines.
  • Upload logs, data, and screen captures to the ticket (logs required for common troubleshooting issues).

Problems (APARS) fixed
PM83554, PM88919, PM88952, PM89591, PM89592, PM90261, PM90490, PM90674, PM90811, PM91650, PM91681, PM91997, PM92529, PM93262, PM93457, PM93638, PM94017, PM94053, PM94147, PM94481, PM94940, PM95173, PM95211, PM95282, PM95547, PM96996, PM97302, PM92237

Document information

More support for: IBM Security AppScan Enterprise

Software version: 8.8

Operating system(s): Linux, Windows

Reference #: 4035683

Modified date: 29 April 2014

Translate this page: