Welcome
Intelligent Finding Analytics (IFA)
Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) and machine learning (ML) to analyze data, discover patterns, and make predictions, ultimately transforming data into actionable insights. IFA goes beyond regular data analysis by using advanced methods to find deeper meanings and make smart decisions.

Welcome
Welcome to the documentation for HCL AppScan Standard version 10.10.0
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
Configuration
You configure a scan by choosing settings that best describe your application, and the kind of testing you want.
Intelligent Finding Analytics (IFA)
Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) and machine learning (ML) to analyze data, discover patterns, and make predictions, ultimately transforming data into actionable insights. IFA goes beyond regular data analysis by using advanced methods to find deeper meanings and make smart decisions.
- DAST for LLM-augmented applications
  Dynamically test large language model (LLM) features in your application for sensitive information disclosure, prompt injection, data exfiltration, tool abuse, content policy violations, and more before attackers exploit them. Configure AppScan to target chat endpoints, retrieval-augmented generation (RAG) pipelines, and other LLM components, and then review reproducible findings with full transcripts and remediation guidance.
- AI for smarter error page detection
  Intelligent Finding Analytics (IFA) in Dynamic Application Security Testing (DAST) augments error page detection by reducing false positives and enhancing test results. HCL AppScan DAST uses heuristic and comprehensive methods to identify error pages, with Gen AI now selectively employed to confirm errors and handle edge cases, thus increasing accuracy and minimizing scan times.
Manual exploring
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
Scanning
Learn how to start a scan, and what happens during the scan; how to manually manipulate the Explore stage, and how to export the results of a scan.
Data
Data view is populated with information about the structure of the site during the Explore stage of the scan.
Issues
Issues view provides access to the results of a scan. You can view results at a high level or select specific tests or objects and access more details. These details include how to fix, requests/responses, and differences between the test variants that resulted in issues. You can manipulate the severity of issues, resend tests (with or without modifications), and create reports based on Issues.
Reports
Tools
This section explains how to use additional tools provided with HCL AppScan Standard.
Integrations
This section describes integrations of other applications with AppScan Standard:
Best practices
This section contains some best practices and use cases for advanced users.
FAQ & Troubleshooting
CLI
This section describes the syntax and options available using the Command line interface.
References
Menus and toolbar summaries, and glossary

Smarter DAST scans with Intelligent Finding Analytics (IFA)

Intelligent Finding Analytics (IFA) uses artificial intelligence (AI) and machine learning (ML) to analyze data, discover patterns, and make predictions, ultimately transforming data into actionable insights. IFA goes beyond regular data analysis by using advanced methods to find deeper meanings and make smart decisions.

IFA for Dynamic Application Security Testing (DAST) augments scan accuracy and coverage by minimizing false positives, finding vulnerabilities in Large Language Model (LLM)- integrated applications, and optimizing test selection. It uses AI, machine learning, or statistical analysis to improve test coverage and accuracy. Currently, IFA focuses on the following applications, with plans to expand its features in the future:

DAST for LLM-augmented applications: Safeguard your business from LLM risks with AppScan DAST, specifically engineered to identify critical vulnerabilities like sensitive information disclosure, prompt injection, and more.
AI for smarter error detection augments AppScan heuristics to improve error page detection. This advanced AI tool enhances the accuracy of identifying and analyzing error pages within applications, ensuring more precise security assessments.
Test optimization uses AppScan’s intelligent test filtering to select the most relevant tests while reducing false positives. A full regular scan, which involves thousands of tests, can be overly time-consuming. To save time during early development or for a quick security check, you can use test optimization, which offers three speed levels: Fast, Faster, and Fastest. This method uses intelligent algorithms and statistical analysis to bypass less critical tests, focusing only on the most common and severe vulnerabilities. This significantly reduces the scan time. For a more detailed examination, you can run a full scan later in the development process or at specific intervals.