Navigating AppScan on Cloud

This section describes navigating AppScan on Cloud, including items on the side main menu and top navigation bars, with links to more detailed information.

The main menu bar appears as a black, vertical strip of icons on the left side of the screen. By default the side menu bar is collapsed, and only the seven main icons are shown. Click an empty part of the menu bar to see all items, with their full names.
Note: Depending on your permissions, some of the items listed below may not appear on your menu bar.

Side menu bar

Icon

Item

Details
home icon Home The Home page lists your asset groups and applications, plus recent applications and scans within your assigned groups. Open a recent application or scan, or view all on the Applications page or the Scans and sessions page. The What's New section lists recent ASoC updates. See Home.

Dashboard

The dashboard helps you track a variety of metrics and trends for you applications, scans and technologies. It gives you a detailed overview of active issues, MTTR issues, applications, and scans along with graphs and charts that display the overall state of your applications.

See Dashboard.

Applications

You must create an application before you can start your first scan.

An ASoC application is a collection of scans related to the same project. It can be a web site, a desktop application, a web service, or any component of an application. Applications enable you to asses risk, identify trends, and make sure that your project is compliant with industry and organization policies.

The Applications page lists all applications in your organization that are within the asset groups to which you are assigned. You can use it to create new applications, and open individual application pages. See Applications

Scans and sessions

A list of all scans in your applications. The list can be filtered by technology (DAST, SAST), status (Completed, Failed, etc.), and a search string. Each scan entry can be expanded to show more details. See Scans and sessions
Libraries Search for and act on open source libraries associated with applications. The search results can be sorted by name, version, license type, date, and application. View detail information for each library, and control use of libraries according to organizational policies.

See Libraries.

Governance >
DAST templates
DAST templates streamline the management and use of Dynamic Application Security Testing (DAST) scan templates. See DAST templates.
DAST policies
Policies are a way of filtering the issues found in scans so you see only those that are relevant to you. You can create your own policies, or use the predefined policies. You can associate up to five policies with any application. See Compliance policies.
DAST domains
Before you can scan, ASoC must verify that it can access the site and that you are entitled to scan it. This view lists verified domains for your organization, and lets you verify additional domains.
Presences
Manage AppScan Presences. An AppScan Presence on your server enables you to scan sites not accessible from the Internet, and to incorporate scanning as part of your functional testing. See AppScan Presence.
Audit trail
A table detailing user activity including time stamp, user name, activity, object and more. You can configure which columns to show. Administrators see actions of all users; users see their own actions. You can search, filter, and export the displayed data. See Audit trail.

Administration >

Administration contains five pages to help you manage data access.

Asset groups
Asset groups are a way of organizing your applications. For each group you create, you can add applications and assign users. Users only see applications in the asset groups to which they are assigned. See Asset groups
Users
Invite and manage users. See Users
Roles
Define user roles. See Roles
Subscriptions
Subscriptions view shows the status of all your organization's subscriptions, including the number applications or scans left, and the start and end dates. See Subscriptions.
Settings
This view is available to administrators only and is used to create and manage business units.

Top navigation

This section describes the items on the AppScan on Cloud navigation bar at the top of the window, with links to more detailed information.

Item

Details

Integrations

 AppScan on Cloud offers various plugins and integrations, that are listed on the AppScan on Cloud Integrations page. See, Integrations.
Documentation Displays the documentation for AppScan on Cloud.
Support Useful links to human and online resources.
English (default) Language selector. Available languages:
  • English
  • Simplified Chinese (简体中文)
  • Traditional Chinese (繁體中文)
  • French (Français)
  • German (Deutsch)
  • Italian (Italiano)
  • Japanese (日本語)
  • Korean (한국어)
  • Portuguese (Português)
  • Russian (Русский)
  • Spanish (Español)
User menu

Details for the signed-in user.

User
Your user name, email associated with your account, and role.
Data center
The data center on which you are signed in.
Organization
Your organization name.
Account settings
Set the application language and theme, generate an an API key for using the ASoC API (see REST API, and Generating API Keys), and enable email notifications for your scans and applications. See Email notifications.
Theme
You can choose from the following options:
  • : By default, the theme is applied according to your device default.
  • : Light theme
  • : Dark theme
Sign out
Sign out of AppScan on Cloud