Learn how to administer the product.
Learn how to manage user groups and access permission.
Learn how to add users in AppScan Enterprise application.
Learn how to manage User types and roles.
Access permission control on folders begins at a high level and progresses down to a more granular level on folders and folder items. If a folder item contains sensitive information, you can restrict access to the item.
Create a user and assign a user type to them. As a best practice, when you first create a new user you should give them a No Access user type until you finish configuring their folder permissions, and then change their user type to whatever type you want them to have. This prevents new users from being able to access areas they shouldn't if they log in while you are still configuring their permissions.
Most of the properties that a typical user will need can be given to the "Default User" template, and then used automatically every time you create a new user.
You can import individual users and assign a user type to them.
You can import individual groups of users from an LDAP Server, and assign a user type to them. All groups must have a valid LDAP account before they can be imported. A user group is used to calculate the effective permissions when the user type is selected as Inherit access.
Every user is assigned a User Type by the Product Administrator. The User Type applies across all folders in an installation.
Administrators can configure the settings for log files for the Enterprise Console and AppScan Server and download them when they need to troubleshoot issues. This function eliminates the need to search the file system of the computer where the Enterprise Console or AppScan Server is installed.
The AdminUtil tool helps users to avoid rerun the configuration wizard on the AppScan Enterprise Server and the DAST Scanner(s) to reset the password.
Create an Activity Log report to determine who is using AppScan Enterprise and what they are doing with it. The report lists the users that made changes and when the changes were made. Because the log is always recording activity, all you must do is create the report. Only Administrators can create the Activity Log report; however, any user can be given access to it as part of a report pack's properties. If you do not want other users to see the Activity Log report, change `All Other Users' to No Access on the Users and Groups page for the report pack.
Product Administrators are responsible for managing each server to its optimal performance.
See the status of scan jobs currently running or waiting to run so that you can prioritize the order in which your key scan jobs run. For example, you might have scan jobs that are part of a time-sensitive deliverable, like a holiday shopping special. You can move them to the top of the queue to make sure that they are prioritized first in the schedule.
Make sure that you must have the latest version of AppScan® Enterprise (including Fixpacks and iFixes) before you update to the latest security rules. You can verify the version and release date of the security rules by looking in the About link in the AppScan Enterprise main menu.
AppScan® Standard provides a database of thousands of tests. However, if your web application has issues that are specific to it, or if you want to write your own advisories for fixing issues, you can create your own tests. These tests are saved and included in your AppScan database of tests. You can also export them as a *.udt file to import into AppScan Enterprise.
SQL Server database maintenance includes upgrading SQL servers, SQL database backup, log file configuration, and database usage.
Learn how to prepare for security testing in AppScan Enterprise.
Learn how to create scan templates in AppScan Enterprise.