Step 3: Reviewing Scan Results

About this task

When the scan is complete, the results are displayed in the main window, in three areas: the Application Tree, the Result List, and the Detail Pane. The type of information presented in each area depends on the View selected (default is Security Issues View).

Procedure

To access a view, click the relevant icon in the View Selector on the left side of the screen.
View Description

Data view icon

Data View provides lists of content items found in your application. This can be a useful way of verifying that the scan is configured in a way that will cover your application, before you begin the Test stage.

  • Application Tree: Shows the URL and folder nodes.
  • Result List: Shows application data, sorted by scan results (see Application Data: Result List). For example, you can choose to see a list of broken links, of JavaScript, of cookies, and so on.
  • Detail Pane: Shows the request sent to a page and the response that was received.

To learn more about the Application Data view, see Application Data.


Issues view icon

Issues View provides comprehensive data on the security issues discovered by the scan.

  • Application Tree: Shows the folders, URLs, and files that AppScan discovered in your application. The number next to each node in the tree indicates how many issues were found.
  • Result List: Shows an icon per issue, indicating the severity value that is assigned to this issue (see Security Issues: Result List). Each issue also holds a consolidation of the URLs that are vulnerable to this issue. Under each URL is a listing of the vulnerable data.
  • Detail Pane: Displays information to help you understand why this is an issue, what it can do if left untreated, how to fix it, the variants of the test requests that were sent, the response of your application for which AppScan marked the test as an issue, and more.

To learn more about the Issues view, see Security Issues.


Tasks view icon

Tasks View displays design remediations to address and to prevent security issues. It provides an easy and efficient way for you to communicate with personnel about the issues that your application has today and, in concise and accurate language, how to fix the design of your application.

  • Application Tree: The number next to each node in the tree indicates how many remediation tasks are relevant for each item.
  • Result List: Shows an icon per remediation task, indicating the priority value that is assigned to this task (see Remediation Tasks: Result List).
  • Detail Pane: Shows details of the remediation task and lists the issues that will be addressed with this task.

To learn more about the Remediations view, see Remediation Tasks.

See Step 4: Working with results.