Home
Developing
Learn how to develop by using the product.
AppScan® Source trace
With AppScan® Source trace, you can verify input validation and encoding that meets your software security policies. You can look at the findings that produce input/output traces and mark methods as validation and encoding routines, sources or sinks, callbacks, or taint propagators.
AppScan® Source trace scan results
Scan results may include traces identified by AppScan® Source trace. The icon in the Trace column indicates the existence of a trace of the call graph.

AppScan Source trace scan results

Scan results may include traces identified by AppScan® Source trace. The icon in the Trace column indicates the existence of a trace of the call graph.

Scans may generate findings of type Validation.Required and Validation.EncodingRequired. These findings indicate a location in the source code where data is read from an external source or saved to an external sink. The scan flags these cases because the data should be validated or encoded to prevent malicious or erroneous data from doing harm.