AppScan® Source predefined filters (Version 8.7.x and earlier)
This topic lists predefined filters that were included in AppScan® Source Version 8.7.x and earlier.
If you need to access these filters, follow the instructions in Restoring archived predefined filters.
! - The Vital Few
This filter matches findings from some of the most dangerous vulnerability categories. Only findings that originate in an external network communications source are included. This filter provides a laser-focused starting point for high-risk findings. The specific categories included in this filter are:
Vulnerability.BufferOverflow
Vulnerability.BufferOverflow.FormatString
Vulnerability.PathTraversal
Vulnerability.CrossSiteScripting
Vulnerability.CrossSiteScripting.Reflected
Vulnerability.CrossSiteScripting.Stored
Vulnerability.Injection
Vulnerability.Injection.LDAP
Vulnerability.Injection.SQL
Vulnerability.Injection.OS
Vulnerability.Injection.XML
Vulnerability.Injection.XPath
High Priority - External Communications
This filter matches findings which originate from outside the application and across a network. This filter matches findings which originate at any Technology.Communications source.
High Priority - Important Types
This filter contains findings from some of the most dangerous vulnerability categories, such as CrossSiteScripting and Injection.SQL.
The specific categories which are included in this filter are:
Vulnerability.AppDOS
Vulnerability.Authentication.Credentials.Unprotected
Vulnerability.Authentication.Entity
Vulnerability.BufferOverflow
Vulnerability.BufferOverflow.FormatString
Vulnerability.CrossSiteScripting
Vulnerability.CrossSiteScripting.Reflected
Vulnerability.CrossSiteScripting.Stored
Vulnerability.Injection
Vulnerability.Injection.LDAP
Vulnerability.Injection.OS
Vulnerability.Injection.SQL
Vulnerability.Injection.XML
Vulnerability.Injection.XPath
Vulnerability.PathTraversal
Low Priority - Test Code
This filter contains findings from test code. Specific types in this filter include:
Vulnerability.Quality.TestCode
Noise - Copy-like Operations
This filter contains findings that are concerned with copy-like operations. A copy-like operation occurs when data is taken from a source which may or may not be trusted, but actions performed on the data are trusted.
The filter looks for these patterns:
Technology.Database --> Vulnerability.Injection.SQL
Mechanism.SessionManagement --> Mechanism.SessionManagement
Technology.XML, Technology.XML.DOM, Technology.XML.Schema, Technology.XML.XPath --> Vulnerability.AppDOS.XML, Vulnerability.Injection.XML
Noise - Logging Issues
Mechanism.ErrorHandling --> Vulnerability.Logging, Vulnerability.Logging.Forge, Vulnerability.Logging.Required
Noise - Low Severity
This filter contains findings with a severity of Low. All classifications are included.
Noise - Trusted Source
This filter contains findings that emanate from a trusted source. Only findings that have java.lang.System.getProperty.* as their source are included in this filter.