Welcome
Overview
Learn general information about the product.
Smarter DAST scans with Intelligent Finding Analytics (IFA)
Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) to improve DAST scan accuracy by minimizing false positives and optimizing test selection.

Welcome
Welcome to the HCL AppScan Enterprise 10.10.0 documentation, where you can find information about how to install, maintain, and use HCL AppScan Enterprise.
Accessibility features for AppScan® Enterprise
Accessibility features assist users who have a disability, such as restricted mobility or limited vision, to use information technology content successfully.
Overview
Learn general information about the product.
- Application security management
  Security is about protecting your valuable assets. Some of the most important assets your organization owns are in the form of information, such as intellectual property, strategic plans, and customer data. Protecting this information is critical for your organization to continue to operate, be competitive, and meet regulatory requirements.
- AppScan® Enterprise components
  HCL® AppScan® Enterprise enables organizations to mitigate application security risk, strengthen application security program management initiatives and achieve regulatory compliance. Security and development teams can collaborate, establish policies and scale testing throughout the application lifecycle. Enterprise dashboards classify and prioritize application assets based on business impact and identify high-risk areas, permitting you to maximize your remediation efforts. Performance metrics are provided that help you monitor the progress of your application security programs.
- Getting started with application security management
  Depending on your role, you can get started with different areas of the product.
- What's new in HCL AppScan® Enterprise
  This section describes new AppScan Enterprise product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
- Interactive Application Security Testing (IAST) in AppScan Enterprise
- Vulnerable components detection using AppScan
  AppScan enhances application security by identifying and reporting vulnerabilities in third-party components, ensuring businesses are protected from potential threats. This helps prevent undetected vulnerabilities and ensures business continuity.
- Smarter DAST scans with Intelligent Finding Analytics (IFA)
  Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) to improve DAST scan accuracy by minimizing false positives and optimizing test selection.
- Supported technologies
- Known issues and workarounds
  These are known issues and their workarounds.
- Deprecated features
  If you are migrating from an earlier release of AppScan® Enterprise, you should be aware of the various features that have been deprecated in this release.
- AppScan Enterprise Legal Notices
- Statement of Good Security Practices
Installing
Learn how to install the product.
Upgrading and migrating
Learn how to upgrade the product.
Integrating
Learn how to integrate the product with other solutions.
DevOps
Learn how to extend the product with REST APIs and plugins.
Best practices
Learn best practices for using the product.
Configuring
Learn how to configure the product.
Administering
Learn how to administer the product.
Managing application risk
Follow this workflow to manage application security risks in your organization.
Troubleshooting and support
To help you understand, isolate, and resolve problems with your HCL® software, the troubleshooting and support information contains instructions for using the problem-determination resources that are provided with your HCL products.
Reference
Review reference information for the product.
Glossary

Smarter DAST scans with Intelligent Finding Analytics (IFA)

Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) to improve DAST scan accuracy by minimizing false positives and optimizing test selection.

Overview

Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) and machine learning (ML) to analyze data, discover patterns, and make predictions. This process transforms data into actionable insights. IFA uses advanced methods to find deeper meanings and make smart decisions beyond regular data analysis.

For Dynamic Application Security Testing (DAST), IFA augments scan accuracy and coverage. It uses AI, machine learning, or statistical analysis to improve test coverage and accuracy by minimizing false positives and optimizing test selection.

Currently, IFA in AppScan Enterprise focuses on two main applications:

Error Page Detection with Azure OpenAI

This feature augments AppScan heuristics to improve error page detections. This advanced AI tool enhances the accuracy of identifying and analyzing error pages within applications, which ensures more precise security assessments.
Test optimization

This feature uses AppScan's intelligent test filtering to select the most relevant tests while it reduces false positives. A full regular scan, which involves thousands of tests, can be time-consuming. To save time during early development or for a quick security check, you can use test optimization, which offers three speed levels: Fast, Faster, and Fastest. This method uses intelligent algorithms and statistical analysis to bypass less critical tests and focuses only on the most common and severe vulnerabilities. This focus significantly reduces the scan time. For a more detailed examination, you can run a full scan later in the development process or at specific intervals.