Learn how to administer the product.
Learn how to manage user groups and access permission.
Learn how to add users in AppScan Enterprise application.
Welcome to the HCL AppScan Enterprise 10.7.0 documentation, where you can find information about how to install, maintain, and use HCL AppScan Enterprise.
Accessibility features assist users who have a disability, such as restricted mobility or limited vision, to use information technology content successfully.
Learn general information about the product.
Learn how to install the product.
Learn how to upgrade the product.
Learn how to integrate the product with other solutions.
Learn how to extend the product with REST APIs and plugins.
Learn best practices for using the product.
Learn how to configure the product.
Learn how to manage User types and roles.
Access permission control on folders begins at a high level and progresses down to a more granular level on folders and folder items. If a folder item contains sensitive information, you can restrict access to the item.
Create a user and assign a user type to them. As a best practice, when you first create a new user you should give them a No Access user type until you finish configuring their folder permissions, and then change their user type to whatever type you want them to have. This prevents new users from being able to access areas they shouldn't if they log in while you are still configuring their permissions.
Most of the properties that a typical user will need can be given to the "Default User" template, and then used automatically every time you create a new user.
You can import individual users and assign a user type to them.
You can import individual groups of users from an LDAP Server, and assign a user type to them. All groups must have a valid LDAP account before they can be imported. A user group is used to calculate the effective permissions when the user type is selected as Inherit access.
Every user is assigned a User Type by the Product Administrator. The User Type applies across all folders in an installation.
Administrators can configure the settings for log files for the Enterprise Console and AppScan Server and download them when they need to troubleshoot issues. This function eliminates the need to search the file system of the computer where the Enterprise Console or AppScan Server is installed.
The AdminUtil tool helps users to avoid rerun the configuration wizard on the AppScan Enterprise Server and the DAST Scanner(s) to reset the password. You can run the utility in two modes - Interactive mode and Silent mode. For more information about resetting service account password through interactive mode, see Resetting Service Account Password in AppScan Enterprise through the ASE AdminUtil tool in silent mode
The AppScan Enterprise (ASE) AdminUtil tool helps users to avoid rerun the configuration wizard on the AppScan Enterprise Server, IAST Communication service, DAST scanner(s), Database service, and Alert services to reset the password of service account. You can achieve this by running the utility in two modes - Interactive mode and Silent mode. For more information about resetting service account password through interactive mode, see Resetting Service Account Password in AppScan Enterprise through the ASE AdminUtil tool
Create an Activity Log report to determine who is using AppScan Enterprise and what they are doing with it. The report lists the users that made changes and when the changes were made. Because the log is always recording activity, all you must do is create the report. Only Administrators can create the Activity Log report; however, any user can be given access to it as part of a report pack's properties. If you do not want other users to see the Activity Log report, change `All Other Users' to No Access on the Users and Groups page for the report pack.
Activity Log helps determine who is using AppScan Enterprise and what they are doing with it. It lists the users that made changes and when the changes were made. This is useful for security auditing to detect possible unauthorized or unusual activities performed by users. Only Administrators can view the Activity log. By default, the activity log data is retained for one year.
Product Administrators are responsible for managing each server to its optimal performance.
See the status of scan jobs currently running or waiting to run so that you can prioritize the order in which your key scan jobs run. For example, you might have scan jobs that are part of a time-sensitive deliverable, like a holiday shopping special. You can move them to the top of the queue to make sure that they are prioritized first in the schedule.
The security rules are updated as a part of your AppScan® Enterprise releases. You can verify the version and release date of the security rules by looking in the About link in the AppScan Enterprise main menu.
AppScan® Standard provides a database of thousands of tests. However, if your web application has issues that are specific to it, or if you want to write your own advisories for fixing issues, you can create your own tests. These tests are saved and included in your AppScan database of tests. You can also export them as a *.udt file to import into AppScan Enterprise.
SQL Server database maintenance includes upgrading SQL servers, SQL database backup, log file configuration, and database usage.
Learn how to prepare for security testing in AppScan Enterprise.
Learn how to create scan templates in AppScan Enterprise.
Follow this workflow to manage application security risks in your organization.
To help you understand, isolate, and resolve problems with your HCL® software, the troubleshooting and support information contains instructions for using the problem-determination resources that are provided with your HCL products.
Review reference information for the product.