AppScan Source for Automation

The Automation Server (ounceautod) allows you to automate key aspects of the AppScan® Source workflow and integrate security with build environments during the software development life cycle (SDLC). The Automation Server allows you to queue requests to scan and publish assessments, and generate reports on the security of application code.

Through the AppScan Source for Automation client command line executable (ounceauto), you submit requests to the server. When processing requests, the Automation Server runs as a client of the associated AppScan Enterprise Server and can connect only to a single AppScan Enterprise Server. It listens on a TCP port (default 13205) for connections from local host only.

  • On Windows™ systems, the Automation Server runs as the HCL AppScan Source Automation service.
  • On Linux™ systems, it runs as a daemon:
    • To stop the daemon, issue this command: /etc/init.d/ounceautod stop
    • To start the daemon, issue this command: /etc/init.d/ounceautod start
  • On macOS, the Automation Server runs as a service:
    • To stop the service, issue this command: launchctl stop com.ibm.appscan.autod
    • To start the service, issue this command: launchctl start com.ibm.appscan.autod

The Automation Server processes requests as a specified AppScan Source user and thus inherits the permissions of that user. This user ID must have whatever permissions it needs, depending on the commands it needs to run. For example, if the user ID needs to run the PublishAssessment command, the user ID can be given publish and register permissions and does not require permission to scan (refer to the Administering AppScan Source section of the AppScan Source Installation and Administration Guide for more details). Submitting a request to the Automation Server does not require user credentials.