Jump to main content
HCL Logo Product Documentation
Customer Support Software Academy Community Forums
HCL AppScan Source
  • Welcome
  • What's New
  • Installing
  • Configuring
  • Administering
  • Scanning
  • Triage and analysis
  • Reporting
  • Extending product function
  • Reference
  • Troubleshooting and support
  1. Home
  2. Configuring

    Learn how to configure applications, folders, and projects, and set attributes and properties in HCL® AppScan® Source.

  3. Configuring applications, folders, and projects

    Before you scan, you must configure applications, folders, and projects. This section explains the Application Discovery Assistant, New Application Wizard, New Folder Wizard, and the New Project Wizard. You will learn how to configure attributes for AppScan® Source for Analysis. In addition, this section teaches you how to add existing applications and projects for scanning - and how to add files to projects.

  4. Configuring applications

    You can use the New Application Wizard or the Application Discovery Assistant to create applications. The Application Discovery Assistant automates application setup for you, whereas the New Application Wizard allows you to add applications, guiding you through the configuration process. The wizard helps you manually create a project or add existing projects to an application. This section describes these two methods for adding application and basic configuration tasks.

  5. Adding an existing application

    Existing applications can be added for scanning by dragging and dropping them into the Explorer view - or by using the Add Application action. In addition, WAR and EAR files can be added by dragging and dropping them into the Explorer view.

  • Welcome

    Welcome to the documentation for HCL® AppScan® Source.

  • What's New

    Explore these new features that have been added to AppScan® Source - and note any features and capabilities that have been deprecated in this release.

  • Installing

    Learn how to install, upgrade, and activate HCL® AppScan® Source.

  • Configuring

    Learn how to configure applications, folders, and projects, and set attributes and properties in HCL® AppScan® Source.

    • Configuring applications, folders, and projects

      Before you scan, you must configure applications, folders, and projects. This section explains the Application Discovery Assistant, New Application Wizard, New Folder Wizard, and the New Project Wizard. You will learn how to configure attributes for AppScan® Source for Analysis. In addition, this section teaches you how to add existing applications and projects for scanning - and how to add files to projects.

      • AppScan® Source application, folder, and project files

        AppScan® Source applications, folders, and projects have corresponding files that maintain configuration information required for scanning, as well as triage customization. These files should reside in the same directory as the source code, since configuration information (dependencies, compiler options, and so forth) required to build the projects is very similar to that required for AppScan Source to scan them successfully. Best practice includes managing these files with your source control system.

      • Configuring applications

        You can use the New Application Wizard or the Application Discovery Assistant to create applications. The Application Discovery Assistant automates application setup for you, whereas the New Application Wizard allows you to add applications, guiding you through the configuration process. The wizard helps you manually create a project or add existing projects to an application. This section describes these two methods for adding application and basic configuration tasks.

        • Creating a new application with the New Application Wizard

        • Using the Application Discovery Assistant to create applications and projects

          AppScan® Source includes a powerful Application Discovery Assistant which allows you to quickly create and configure applications and projects for Java™ source code and Microsoft™ Visual Studio solutions. The Application Discovery Assistant also allows you to locate Eclipse workspaces that contain Java projects. The Application Discovery Assistant allows you to point to your source, solution, or workspace directory - and then AppScan Source handles the rest.

        • Adding an existing application

          Existing applications can be added for scanning by dragging and dropping them into the Explorer view - or by using the Add Application action. In addition, WAR and EAR files can be added by dragging and dropping them into the Explorer view.

          • Adding an existing application with user interface actions
          • Adding an existing application with drag and drop

        • Adding multiple applications

          Rather than adding just one application at a time, when you first begin working with AppScan® Source for Analysis, you may want to import multiple applications. The Select Applications dialog box allows you to select a root directory from which to search for AppScan Source applications (.paf) or Visual Studio solution files (.sln). Multiple applications can also be added for scanning by dragging and dropping them into the Explorer view.

        • Importing existing Java™ applications from Apache Tomcat and WebSphere® Application Server Liberty profile application servers

          If you have existing Java™ applications that have been deployed to a supported application server, you can automatically import them to AppScan® Source.

        • Adding an Eclipse or Eclipse-based product workspace

          If you have an Eclipse workspace that contains Java™ and/or IBM® MobileFirst Platform projects, you can import it to AppScan® Source for Analysis.

      • Configuring folders
      • Configuring your development environment for Eclipse projects

        Before you import an Eclipse project, you must properly configure the development environment. Although Eclipse is the basis for each project type, AppScan® Source distinguishes between the different versions.

      • Creating a new project for an application

        After you add an application, you add projects to it.

      • Copying projects

        AppScan® Source for Analysis allows you to copy all project types except .NET projects. Modifications to the project do not affect the duplicated project; after you copy a project, there is no connection between the original project and the copied project. When you copy an imported project, you create an AppScan Source project file (.ppf) with all configuration information.

      • Modifying application and project properties

        When you select an application or project in the Explorer view, the current properties appear in the Properties view, where you can make modifications.

      • Global attributes

        Global attributes must be defined before they can be associated with individual applications. Global attributes are defined in the Properties view by selecting All Applications in the Explorer view.

      • Application attributes

        Application attributes apply to the currently-selected application and depend on previously created global attributes.

      • Removing applications, folders, and projects

        You can remove applications and projects from AppScan® Source for Analysis if they are not registered.

      • Explorer view

        Use the Explorer view to view heirarchies of applications and folders in your projects, to start new projects, and to access tools for working with your projects.

    • Preferences

      Preferences are personal choices about the appearance and operation of AppScan® Source for Analysis.

  • Administering

    Learn how to administer user accounts and permissions, audit user activity, and manage integrations in HCL® AppScan® Source.

  • Scanning

    This section explains how to scan your source code and manage assessments in HCL® AppScan® Source.

  • Triage and analysis

    Grouping similar findings allows security analysts or IT auditors to segment and triage source code problems. This section explains how to triage AppScan® Source assessments and analyze results.

  • Reporting

    Security analysts and risk managers can access reports of select findings or a series of audit reports that measure compliance with software security best practices and regulatory requirements. This section explains how to create reports of aggregate finding data.

  • Extending product function

    Learn how to extend the product to meet specific development requirements.

  • Reference

    Review reference information for HCL® AppScan® Source, including using utilities, plug-ins, and APIs.

  • Troubleshooting and support

    Self-help information, resources, and tools to help you troubleshoot issues while using HCL® AppScan® Source.

Adding an existing application

Existing applications can be added for scanning by dragging and dropping them into the Explorer view - or by using the Add Application action. In addition, WAR and EAR files can be added by dragging and dropping them into the Explorer view.

To learn how to add an existing application, see these topics:

  • Adding an existing application with user interface actions
  • Adding an existing application with drag and drop
  • Adding an existing application with user interface actions
  • Adding an existing application with drag and drop
  • Share: Email
  • Twitter
  • Disclaimer
  • Privacy
  • Terms of use
  • Cookie Preferences