Home
Reference
Review reference information for the product.
Folder Explorer topics
Learn about folder explorer topics.
Creating scans in the Folder Explorer
Learn how to create scan in the folder explorer.
Optimizing your scan with advanced configuration options
Use this task to configure an advanced scan with complex configuration. Use this method for web applications that require a lot of user interaction to navigate the application or if you would like to just test a specific area of your application.
Correlating static analysis data with dynamic analysis data
Import data from AppScan® Source to correlate its findings with an existing dynamic analysis security scan (AppScan Enterprise Server content scan job or an AppScan Standard import job).
How correlation (hybrid analysis) works
No single automated analysis technique can find all possible vulnerabilities; each technique has its own strengths and weaknesses. Dynamic Analysis Security Testing (DAST) tests a running web application by probing it in ways similar to what a hacker would use. Static Analysis Security Testing (SAST) examines the source code of an application for potential vulnerabilities.
Examples of hybrid analysis
Here are some examples of hybrid analysis.

Examples of hybrid analysis

Here are some examples of hybrid analysis.

In this report screen capture, both DAST and SAST discovered a Cross-Site Scripting vulnerability.

If we look at the About this Issue report for DAST, the issue was discovered in a parameter 'uid' by removing the ASP.NET_SessionID cookie and injecting '1234"/>alert(1558)</script>' into the value of parameter 'uid'. Appscan marked the test as vulnerable, because it has successfully embedded a script in the response, and it will be executed once the page is loaded in the user's browser. This means the application is vulnerable to Cross-Site Scripting on this URL: http://demo.testfire.net/bank/login.aspx.

If we look at the About this Issue report for SAST, the code scan discovered the same vulnerability on C:\WebTest\Default.aspx.cs, the source code page for http://demo.testfire.net/bank/login.aspx.

Because the URL, entity and issue type match, it is considered a direct correlation.