Welcome
References
Menus and toolbar summaries, and glossary
Compliance

Welcome
Welcome to the documentation for HCL AppScan Standard version 10.10.0
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
Configuration
You configure a scan by choosing settings that best describe your application, and the kind of testing you want.
Intelligent Finding Analytics (IFA)
Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) and machine learning (ML) to analyze data, discover patterns, and make predictions, ultimately transforming data into actionable insights. IFA goes beyond regular data analysis by using advanced methods to find deeper meanings and make smart decisions.
Manual exploring
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
Scanning
Learn how to start a scan, and what happens during the scan; how to manually manipulate the Explore stage, and how to export the results of a scan.
Data
Data view is populated with information about the structure of the site during the Explore stage of the scan.
Issues
Issues view provides access to the results of a scan. You can view results at a high level or select specific tests or objects and access more details. These details include how to fix, requests/responses, and differences between the test variants that resulted in issues. You can manipulate the severity of issues, resend tests (with or without modifications), and create reports based on Issues.
Reports
Tools
This section explains how to use additional tools provided with HCL AppScan Standard.
Integrations
This section describes integrations of other applications with AppScan Standard:
Best practices
This section contains some best practices and use cases for advanced users.
FAQ & Troubleshooting
CLI
This section describes the syntax and options available using the Command line interface.
References
Menus and toolbar summaries, and glossary
- Menubar
- Browser toolbar
  The icons on the toolbar of the embedded AppScan® browser, used to display and save screenshots of application responses.
- Accessibility
  AppScan Standard ensures accessibility by supporting features that help users with special abilities navigate and interact with the application effectively, enhancing overall usability and compliance with accessibility standards.
- Temp files
  Describes where AppScan® saves its temporary files during normal operation, and how to change the location.
- Glossary
  This glossary explains terms and acronyms used in the AppScan® Standard user interface and documentation.
- Compliance
- WebSocket support
  AppScan seamlessly handles WebSocket protocols that uses JSON or XML messages for data exchange by automatically detecting them and executing the appropriate tests during the scan, without requiring any special configuration.
- CWE support
  CWE (Common Weakness Enumeration) is an industry standard list that provides common names for publicly known software weaknesses. The following CWE IDs, and their parent or child IDs, are supported in the current version of AppScan Standard.
- CVE support
- Notices

United States government regulation compliance

Compliance with United States government security and information technology regulations help to remove sales impediments and roadblocks. It also provides a proof point to prospects worldwide that HCL® is working to make their products the most secure in the industry. This topic lists the standards and guidelines that AppScan® Standard supports.

Voluntary Product Accessibility Template (VPAT) compliance document

A VPAT, is a document that helps buyers and sellers assess the accessibility of Information and Communication Technology (ICT) products and services, ensuring compliance with standards like Section 508 of the Rehabilitation Act of 1973, the Web Content Accessibility Guidelines (WCAG), and EN 301 549.

The AppScan Standard Accessibility Compliance Report is available upon request from the AppScan support team.

Federal Information Processing Standard (FIPS)

On Windows platforms that are supported by AppScan Standard, AppScan Standard supports FIPS Publication 140-2, by using a FIPS 140-2 validated cryptographic module and approved algorithms.

National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a

NIST SP 800-131A guidelines provide cryptographic key management guidance. These guidelines include:

Key management procedures
How to use cryptographic algorithms
Algorithms to use and their minimum strengths
Key lengths for secure communications

Government agencies and financial institutions use the NIST SP 800-131A guidelines to ensure that the products conform to specified security requirements.

Enabling FIPS 140-2 compliance on your operating system

Go to Start > Control Panel > Administative tools > Local Security Policy.
Go to Security Settings > Local Policies > Security Options > System Cryptography and enable the Use FIPS compliant algorithms for encryption, hashing, and signing security setting.