Introduction to HCL® AppScan® Source
HCL® AppScan® Source delivers maximum value to every user in your organization who plays a role in software security. Whether a security analyst, quality assurance professional, developer, or executive, the AppScan® Source products deliver the functionality, flexibility, and power you need - right to your desktop.
The product set includes:
- AppScan® Source for Analysis: Workbench to configure applications and projects, scan code, analyze, triage, and take action on priority vulnerabilities.
- AppScan® Source for Automation: Allows you to automate key aspects of the AppScan® Source workflow and integrate security with build environments during the software development life cycle.
- AppScan® Source for Development: Developer plug-ins integrate many AppScan® Source for Analysis features into Microsoft™ Visual Studio, the Eclipse workbench, and Rational® Application Developer for WebSphere® Software (RAD). This allows software developers to find and take action on vulnerabilities during the development process. The Eclipse plug-in allows you to scan source code for security vulnerabilities - and you can scan IBM® MobileFirst Platform projects with the Eclipse plug-in.
To enhance the value of AppScan® Source within your organization, the products include these components:
- AppScan® Source Security Knowledgebase: In-context intelligence on each vulnerability, offering precise descriptions about the root cause, severity of risk, and actionable remediation advice.
- AppScan® Enterprise
Server: Most
AppScan®
Source products and components must
communicate with an AppScan® Enterprise
Server. Without one, you can use AppScan® Source for
Development in local mode and/or AppScan® Source for
Analysis in standalone mode.
The server provides centralized user management capabilities and a mechanism for sharing assessments. The server includes an optional Enterprise Console component. If your administrator installs this component, you can publish assessments to it from AppScan® Source for Analysis, AppScan® Source for Automation, and the AppScan® Source command line interface (CLI). The Enterprise Console offers a variety of tools for working with your assessments - such as reporting features, issue management, trend analysis, and dashboards.
Important: For some versions of AppScan® Source and AppScan® Enterprise, the version and release level of the two products must match in order to connect from AppScan® Source to the AppScan® Enterprise Server. See System requirements and installation prerequisites to learn more about system requirements and compatibilities.Note:- As of version 9.0.3.11, AppScan® Source no longer supports macOS or iOS Xcode scanning.
- AppScan® Enterprise Server is not supported on macOS.
- If you have a basic server license, the server may only be accessed by up to ten (10) concurrent connections from AppScan® products. With a premium server license, unlimited connections are allowed.
This Software Offering does not use cookies or other technologies to collect personally identifiable information.
Translated national languages
The AppScan® Source user interfaces are available in these languages:
- English
- Brazilian Portuguese
- Simplified Chinese
- Traditional Chinese
- German
- Spanish
- French
- Italian
- Japanese
- Korean
- Russian