Working with bundles

Bundles (a grouping mechanism for findings) allow you to import a snapshot of findings from AppScan® Source for Analysis to AppScan Source for Development. Once findings are in bundles, you can use AppScan Source for Development to open the project that contains the bundle, import the bundle, or open a saved bundle file (file_name.ozbdl).

About this task

  • If you received the bundle in an email, save the contents of the email as a bundle (.ozbdl) file.
  • If you received a notification from a defect tracking system that a bundle is available, open the defect tracking system and save the attachment associated with the bug as a bundle (.ozbdl) file.
  • If the bundle has been saved on the network, you can open the file from the saved location.

To open a bundle file:

Procedure

  1. Select Security Analysis > HCL AppScan Source > Open > Open Bundle from the main menu.
  2. Select the bundle file that contains the findings you want to resolve.
  3. The Bundle view opens to display the findings contained in that bundle. The tab reflects the bundle name.

Results

When an assessment does not contain the findings shown in the bundle, the findings display italicized with a green highlight. This situation may occur when the findings have been resolved or removed.