Welcome
Getting started
Welcome to the documentation for HCL AppScan on Cloud, where you can find information about how to install, maintain, and use this service.
Contact and support
Useful links to human and online resources.

Getting started
Welcome to the documentation for HCL AppScan on Cloud, where you can find information about how to install, maintain, and use this service.
- About HCL AppScan on Cloud
  Security is about protecting your valuable assets. Some of the most important assets your organization owns are in the form of information, such as intellectual property, strategic plans, and customer data. Protecting this information is critical for your organization to continue to operate, be competitive, and meet regulatory requirements.
- Roles and workflows
  Learn about different ASoC tasks and workflows for different authorized ASoC users with a valid subscription.
- What's new in AppScan on Cloud
  Discover upcoming and recently added features.
- System requirements
  Explore the detailed system requirements and supported operating systems and languages for the AppScan on Cloud analyzers. Additionally, discover the compatible browsers and minimum screen resolution necessary for optimal service performance.
- Creating an ASoC account
- Data center selection
- Subscriptions
  Subscriptions view displays the status of all your organization's subscriptions. It includes details like the selected technologies, how many months have passed, the number of applications in use, or the number of concurrent scans that can be run per technology, as well as the start and end dates.
- Sample apps and scripts
  Use these sample applications to practice scanning with ASoC.
- Demo videos
  These "how-to" videos demonstrate using ASoC and how it fits into your workflow, and offer tips and tricks.
- Contact and support
  Useful links to human and online resources.
- Certifications
- Licensing
- Trial Terms of Use
  TRIAL AGREEMENT FOR HCL APPSCAN ON CLOUD SERVICE
Navigation
This section describes the items on the main AppScan on Cloud menu bar, with links to more detailed information.
Administration
Define users, applications, policies, and configure DevOps integrations.
Dynamic analysis
AppScan on Cloud performs security scans for web-applications for production, staging and development environments. For development environments it is aided by Private Site Scanning technology to scan applications not accessible to the open Internet.
Interactive monitoring
Using an agent installed on your application, ASoC identifies security vulnerabilities in your application during runtime by monitoring all interactions, both legitimate and malicious. The process is "passive," in the sense that IAST does not send its own tests, and can therefore run indefinitely.
Software Composition Analysis
Use Software Composition Analysis (SCA) to scan for security vulnerabilities in open source and third-party packages used by your code. SCA includes Intelligent Finding Analytics (IFA) and Intelligent Code Analytics (ICA).
Static analysis
Use static analysis (SAST) to scan for security vulnerabilities in web and desktop applications. Static analysis includes Intelligent Finding Analytics (IFA) and Intelligent Code Analytics (ICA).
Results
The Scans and Sessions page lists the scans under the categories DAST, SAST, SCA, and IAST, where you can view your scan results, including scan statistics. To view, rescan, or download reports, select a scan.The Scans and Sessions page lists scans under the categories where you can view your scan results, including scan statistics. To view, rescan, or download reports, select a scan.
Troubleshooting
If you experience problems with this service, you can perform these troubleshooting tasks to determine the corrective action to take.
FAQ & Reference
Frequently asked questions, information about integrating ASoC into the product lifecycle (SDLC), and ASoC API documentation.

Contact and support

Useful links to human and online resources.