Developing

Learn how to develop by using the product.

  • Scanning source code and managing assessments
    This section explains how to scan your source code and manage assessments.
  • Triage and analysis
    Grouping similar findings allows security analysts or IT auditors to segment and triage source code problems. This section explains how to triage AppScan Source assessments and analyze results.
  • AppScan Source trace
    With AppScan Source trace, you can verify input validation and encoding that meets your software security policies. You can look at the findings that produce input/output traces and mark methods as validation and encoding routines, sources or sinks, callbacks, or taint propagators.
  • AppScan Source for Analysis and defect tracking
    AppScan Source for Analysis integrates with defect tracking systems (IBM Rational Team Concert) to deliver confirmed software vulnerabilities directly to the developer desktop. Defect submission to a defect tracking system contains a textual description of the bug and a file that contains only the findings submitted with the defect.
  • Findings reports and audit reports
    Security analysts and risk managers can access reports of select findings or a series of audit reports that measure compliance with software security best practices and regulatory requirements. This section explains how to create reports of aggregate finding data.
  • Creating custom reports
    In the Report Editor, you create report templates used to generate custom reports.