Follow this workflow to manage application security risks in your organization.
Learn how to determine risks and prioritize vulnerabilities identified in an application.
Learn how to prioritize vulnerabilities identified in an application.
Welcome to the HCL AppScan Enterprise 10.4.0 documentation, where you can find information about how to install, maintain, and use HCL AppScan Enterprise.
Learn how to create an application inventory.
Learn how to test vulnerabilities identified in an application.
Now that management and security analysts have a comprehensive view of the applications across the enterprise, it's time to get a complete picture of the application security risk. Use formulas to create rules for automated application asset classification. The automated calculation of an application security risk rating is based on the application's description and discovered vulnerabilities.
When an application has many scans that discover many vulnerabilities, use filters on the preset issue attributes, such as Issue Severity, Issue Type, or Issue Status, to reduce the list to a more manageable size.
All issues are classified as 'new' by default. You can see an issue classification by viewing the issue status. If no issues display for an application, associate a security scan with the application. Otherwise, you must manage your issues from a report in the Scans view. If you move a scan job from one application to another, you won't lose any of your issue management changes.
Security analysts can see the number of applications that have overdue issues so that they can quickly calculate which issues or applications are out of compliance. AppScan Enterprise v9.0.3 includes an Overdue formula that can be modified or used as an example for creating complex formulas. If your organization must comply with the Payment Card Industry standard, you can add that to the formula. Alternatively, modify the formula so that an issue that is still marked New after 10 days and has a high severity is automatically overdue.
Learn how to remediate risks identified in an application.
Learn how to measure progress and demonstrate compliance.