The scanner profile is used to import security issues (in a CSV file) that are discovered
by third-party sources, such as WhiteHat Sentinel, or manual pen testing. Edit issue attributes for
each scanner profile so that you can then map the issue attribute names of a third-party source to
the issue attribute names that AppScan® Enterprise uses.
Procedure
- On the Portfolio tab of the Monitor view,
go to .
- Create or modify a profile template. Give the profile a
name and a description.
- Enable the Remove Orphaned
Issues check box if you want to remove issues that were
previously found in an application but are not included in subsequent
imports.
Note: When the check box is enabled, there is
the potential to permanently delete all issues with the same scan
name and scanner. If you use the same scan name with the same scanner
on subsequent imports, any issues that are previously found by the
scanner and are not found in the latest results are permanently deleted.
- Click Edit to modify the issue
attributes:
- On the Edit Scanner Profile page,
define the mapping between the issue attribute names that the third-party
scanner uses and the issue attribute names that AppScan® Enterprise uses.
- Enable the Unique check box if
the attribute name helps to identify the issue as a unique issue.
If the attribute contributes to uniqueness, it must have a valid value
in the CSV file or it isn't imported.
- Keep the Use Imported Values check
box enabled if you want to update an existing issue attribute with
values contained in the imported file. If you clear the check box,
AppScan Enterprise will retain the value previously used.
- Click Edit Layout to determine
the order in which issue data appears in the About this
Issue report for this scanner, and then click OK.
- Click OK when you are finished with
the template.