Review reference information for the product.
Reports are automatically generated after a job has run. They provide a way of managing issues so that you can helps you manage issues that are important to your organization and do so in a way that is supported both by the Enterprise Console's workflow and the workflows of other processes within your organization.
A tremendous amount of powerful data is delivered through the reports. But not every organization wants to review their data in exactly the same way as everybody else. Flexible viewing mechanisms help you organize how you review your issues in whatever way makes the most sense to you.
Learn more about Inventory Reports.
Welcome to the HCL AppScan Enterprise 10.7.0 documentation, where you can find information about how to install, maintain, and use HCL AppScan Enterprise.
Accessibility features assist users who have a disability, such as restricted mobility or limited vision, to use information technology content successfully.
Learn general information about the product.
Learn how to install the product.
Learn how to upgrade the product.
Learn how to integrate the product with other solutions.
Learn how to extend the product with REST APIs and plugins.
Learn best practices for using the product.
Learn how to configure the product.
Learn how to administer the product.
Follow this workflow to manage application security risks in your organization.
To help you understand, isolate, and resolve problems with your HCL® software, the troubleshooting and support information contains instructions for using the problem-determination resources that are provided with your HCL products.
Learn about configuring wizard topics.
Learn about folder explorer topics.
A report pack is a bundle of reports that summarizes the issues discovered within its reports and provides a window into those reports. The reports themselves contain the details of the issues found on your website or application.
Grouping report results by different data sets (such as page, or context or IP address) helps make the report data more relevant to your analysis needs.
You can search for specific issues or information within each report's results. For example, you might want to find all the issues within a certain directory of the Page URL. Or you might want to track a particular issue throughout your remediation process; enter the Issue ID in the Search tab to locate it within the relevant report.
When your report contains a list of identical URLs, it is likely because your site uses static URLs. In these cases, the page content can be determined through the use of either POST data or cookie information.
All issues are classified as open by default. You can see an issue classification by grouping by Issue Status.
Exporting report data is useful if you have team members that do not directly access the Enterprise Console; you can export the report data to an XML file, Excel spreadsheet, pdf or CSV file for them to use.
Import data from AppScan® Source to correlate its findings with an existing dynamic analysis security scan (AppScan Enterprise Server content scan job or an AppScan Standard import job).
Learn more about Security Reports.
This report shows you where the authentication points (the applications that validate a user's credentials) are located on your website. It provides a summary of the authentication points found, including a total for all the types found, and the number of each authentication type found.
This report provides information about broken links found on the site.
This report displays an inventory of the distinct URLs and the PageComponents that use them. A PageComponent is a file that makes up part of a web page, such as an HTML file, an image or an MS Word document. Many web pages can use the same PageComponent; for example, a corporate logo that can display throughout the site or a navigation toolbar inside a frame. For each URL in the list, information is provided about the rendered file size, Mime type and last modified date. You can use this report to identify files that do not conform to your corporate standards or that might cause searchability or accessibility problems.
This report displays the links that were filtered from the scan and provides an explanation. It displays the same information as the scan log, but in a format that can be searched and sorted after the scan has completed.
This report provides you with the number and type of hosts that have web servers. The hosts are categorized by domain and by operating system. The Hosts report tells you what machines are publicly accessible through your Internet or Intranet.
This report provides information about any links on your website that point to files on your local server. There are two ways you can refer to a document within an HREF attribute: absolutely or relatively. An absolute link defines the location of the document, including the protocol to use to get the document, the server to get it from, the directory it is located in, and the name of the document itself. A relative link takes advantage of the fact that the server knows where the current document is.
This report provides an inventory of the pages found during a content scan, including the page name, size, title and Mime type.
This report shows you the forms that were not completed by the automatic form fill. Do a manual explore to complete them in so that the scan can continue through the site to discover as much content as possible.
This report categorizes the web servers in your organization by their role and type.
This report provides an inventory of the unique internal domains found during a content scan to help you understand the overall size and scope of your website.
Use the dashboard to track and consolidate the severity metrics and trends of your web applications or website over time. You can combine data from different business areas (such as sales, marketing, or products), specific issue types, or developers so you can see a complete picture of your web properties or applications. Security analysts or web managers can use this high-level view to quickly study interactive reports about the issues.
A GitHub collection of integrations, helper scripts, utilities, useful examples, libraries, and other resources related to HCL AppScan.