Environment Definition

Environment Definition view of the Configuration dialog box.

Environment definition is not essential, but enables AppScan® to safely refrain from sending non-relevant tests during the scan, resulting in a faster and more accurate scan.

Note: Where relevant, some of the list boxes allow you to select more than one option by pressing the Ctrl key when selecting items in a list.


Metric	Comments
Operating System	Operating System of application being scanned.
Web Server	Select all applicable answers.
Application Server (if any)	Select all applicable answers.
Type of Database (if any)	Select all applicable answers.
Third-Party Component (if any)	Select all applicable answers.
Location of Site
Type of Site
Deployment Method
Collateral Damage Potential	The potential for damage or theft if the application is vulnerable.
Target Distribution	The proportion of systems in the environment that are potential targets.
Availability Requirement	The relative importance of availability (of information).
Confidentiality Requirement	The relative importance of confidentiality (of user information).
Integrity Requirement	The relative importance of integrity (accuracy) of information.

Note: The last five items are the Environmental CVSS metrics for the site. If you define the relative importance of these metrics in your application environment, AppScan will take these definitions into account when assigning severity values to vulnerabilities it finds during the scan.