Jump to main content
HCL Logo Product Documentation
  • Customer Support
HCL AppScan Source
  • Welcome
  • Introduction to HCL® AppScan® Source
  • Installing
  • Configuring
  • Administering
  • Developing
  • Extending product function
  • Reference
  • Glossary
  • Troubleshooting and support
  1. Home
  2. Reference

    Review reference information for the product.

  • Reference

    Review reference information for the product.

    • The Ounce/Make build utility

      Ounce/Make is a tool that automates the importing of configuration information into AppScan® Source from build environments that use makefile. Ounce/Make eliminates the need to import configuration information from makefiles manually.

    • AppScan® Source command line interface (CLI)

      The CLI is an interface to core AppScan® Source functionality.

    • The Ounce/Ant build tool

      This section describes how to use Ounce/Ant, an AppScan® Source build utility that integrates AppScan Source and Apache Ant. Integrating Ounce/Ant with your Ant environment helps you automate builds and code assessments.

    • AppScan® Source Data Access API

      The Data Access API provides access to AppScan® Source-generated assessment results, including findings and finding details. It also provides access to assessment metrics such as analysis date and time, lines of code, V-density, and number of findings.

    • Ounce/Maven plug-in

      This section describes the Ounce/Maven plug-in, which uses Maven, an Apache build tool, to integrate AppScan® Source into the Maven workflow.

    • AppScan® Source for Automation

      The Automation Server (ounceautod) allows you to automate key aspects of the AppScan® Source workflow and integrate security with build environments during the software development life cycle (SDLC). The Automation Server allows you to queue requests to scan and publish assessments, and generate reports on the security of application code.

    • Framework for Frameworks handling APIs

      AppScan® Source provides a set of Java™ APIs that allow you to add support for frameworks that are used in your applications. The classes and methods offered in these APIs allow you to account for frameworks for which built-in support is not provided.

    • AppScan® Source client component error messages

    • AppScan® Source for Analysis samples

      AppScan® Source for Analysis includes a sample applicationsample applications that you can use to familiarize yourself with the product.

    • The AppScan® Source for Analysis work environment

      To get the most out of AppScan® Source, you should understand the basic concepts behind the AppScan Source for Analysis working environment and how to use the options that best fit your workflow.

    • Views and windows

      AppScan® Source for Development views and windows provide alternative presentations of findings, support code editing, and allow you to navigate the information in your workbench. A view might appear by itself, or stacked with other views in a tabbed notebook. You can change the layout of a perspective or window layout by opening and closing views and by docking them in different positions in the Workbench window.

    • CWE support

      The Common Weakness Enumeration (CWE) is an industry standard list that provides common names for publicly known software weaknesses. This topic lists the CWE IDs that are supported in the current version of AppScan® Source.

Reference

Review reference information for the product.

  • The Ounce/Make build utility (Windows and Linux only)
  • AppScan Source command line interface (CLI)
  • The Ounce/Ant build tool
  • AppScan Source Data Access API
  • Ounce/Maven plug-in
  • AppScan Source for Automation
  • Framework for Frameworks handling APIs
  • AppScan Source client component error messages
  • AppScan Source for Analysis samples
  • The AppScan Source for Analysis work environment
  • Views and windows
  • CWE support
  • The Ounce/Make build utility
    Ounce/Make is a tool that automates the importing of configuration information into AppScan Source from build environments that use makefile. Ounce/Make eliminates the need to import configuration information from makefiles manually.
  • AppScan Source command line interface (CLI)
    The CLI is an interface to core AppScan Source functionality.
  • The Ounce/Ant build tool
    This section describes how to use Ounce/Ant, an AppScan Source build utility that integrates AppScan Source and Apache Ant. Integrating Ounce/Ant with your Ant environment helps you automate builds and code assessments.
  • AppScan Source Data Access API
    The Data Access API provides access to AppScan Source-generated assessment results, including findings and finding details. It also provides access to assessment metrics such as analysis date and time, lines of code, V-density, and number of findings.
  • Ounce/Maven plug-in
    This section describes the Ounce/Maven plug-in, which uses Maven, an Apache build tool, to integrate AppScan Source into the Maven workflow.
  • AppScan Source for Automation
    The Automation Server (ounceautod) allows you to automate key aspects of the AppScan Source workflow and integrate security with build environments during the software development life cycle (SDLC). The Automation Server allows you to queue requests to scan and publish assessments, and generate reports on the security of application code.
  • Framework for Frameworks handling APIs
    AppScan Source provides a set of Java APIs that allow you to add support for frameworks that are used in your applications. The classes and methods offered in these APIs allow you to account for frameworks for which built-in support is not provided.
  • AppScan Source client component error messages
  • Installation and user data file locations
    When you install AppScan Source, user data and configuration files are stored outside of the installation directory.
  • AppScan Source for Analysis samples
    AppScan Source for Analysis includes a sample applicationsample applications that you can use to familiarize yourself with the product.
  • The AppScan Source for Analysis work environment
    To get the most out of AppScan Source, you should understand the basic concepts behind the AppScan Source for Analysis working environment and how to use the options that best fit your workflow.
  • Views and windows
    AppScan Source for Development views and windows provide alternative presentations of findings, support code editing, and allow you to navigate the information in your workbench. A view might appear by itself, or stacked with other views in a tabbed notebook. You can change the layout of a perspective or window layout by opening and closing views and by docking them in different positions in the Workbench window.
  • CWE support
    The Common Weakness Enumeration (CWE) is an industry standard list that provides common names for publicly known software weaknesses. This topic lists the CWE IDs that are supported in the current version of AppScan Source.
  • Disclaimer
  • Privacy
  • Terms of use
  • Cookie Preferences