Code catcher in a box
The BugScan appliance could be a developer’s best friend: It catches potential security holes in your application code
The final tally: BugScan is a mixed bag. I must admit that installation was about as easy as installing a small kitchen appliance. BugScan is completely self-contained; you don't have to worry about OS or hardware compatibility, or possible negative interactions with other applications. I can see that the arrangement is easier for BugScan's engineers, too: They needn't expend QA time testing their product on countless OS and hardware variants.
On the other hand, you pay for hardware when what you're really buying is software. And, since BugScan is a closed system, it appears that the only way to back up past reports is either to save the HTML screens or download the XML into a file or database. In either case, you have to back up reports one at a time.
BugScan costs $19,500, which includes one year's maintenance; after that, the maintenance fee is $3,900 per year. That's pretty steep. But if you need a software security analysis tool that's a snap to install, and that chugs through code at a swift pace while catching your unintentional errors, BugScan might be worth it.