HCL AppScan Source
  • HCL® AppScan® Source V9.0.3.14 documentation

Payment Card Industry Data Security Standard (PCI DSS) Version 3.2 report

This report provides relevant data needed to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS).

See https://www.pcisecuritystandards.org/security_standards/index.php for information.

© Copyright HCL Technologies Limited 2001, 2019