Welcome
Welcome to the documentation for HCL AppScan Standard version 10.4.0
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
- Overview
- What's new
  This section describes new AppScan Standard product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
- System requirements
  A summary of the minimum hardware and software required for the machine that runs AppScan Standard.
- Installing
  The installation wizard guides you through the fast and simple process.
- License
  This section describes for the trial and paid versions of AppScan Standard.
- How an automatic scan works
  This topic explains the difference between the "stages" and "phases" of a scan.
- Web application vs. web API
  This topic explains the different methods available for exploring sites, before AppScan tests them.
- Basic workflow
  A diagram showing a simple AppScan workflow using the scan configuration wizard.
- Home screen
  Describes the options available from the home screen that opens when you load AppScan.
- Tour of the main screens
  Describes the components of the AppScan main screen (Issues view), and all menus and toolbars.
- Tutorial
  This simple tutorial goes through the steps of configuring a simple application scan using the Scan Configuration wizard, running the scan, and reviewing the results.
- Sample files
  The sample files can help give you a feel for using AppScan and what scan results look like.
Configuration
You configure a scan by choosing settings that best describe your application, and the kind of testing you want.
Manual exploring
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
Scanning
Learn how to start a scan, and what happens during the scan; how to manually manipulate the Explore stage, and how to export the results of a scan.
Data
Data view is populated with information about the structure of the site during the Explore stage of the scan.
Issues
Issues view provides access to the results of a scan. You can view results at a high level or select specific tests or objects and access more details. These details include how to fix, requests/responses, and differences between the test variants that resulted in issues. You can manipulate the severity of issues, resend tests (with or without modifications), and create reports based on Issues.
Reports
This section describes how to generate reports from the scan results.
Tools
This section explains how to use additional tools provided with HCL AppScan Standard.
Integrations
This section describes integrations of other applications with AppScan Standard:
Best practices
This section contains some best practices and use cases for advanced users.
FAQ & Troubleshooting
CLI
This section describes the syntax and options available using the Command line interface.
References
Menus and toolbar summaries, and glossary

Step 3: Reviewing Scan Results

About this task

When the scan is complete, the results are summarized in the Dashboard view. In Data and Issues views the results are shown in three areas: the Application tree, the Result list, and the Detail pane. The type of information presented in each area depends on the View selected (default is Issues view).

Procedure

To access a view, click the View selector on the left side of the screen.


View	Description
Dashboard	The dashboard shows a summary of the scan's configuration, status, data and results.
Data	Data view showss lists of content items found in your application. This can be a useful way of verifying that the scan is configured in a way that will cover your application, before you begin the Test stage. Application tree: Shows the URL and folder nodes. Result list: Shows application data, sorted by scan results (see Data: Result list). For example, you can choose to see a list of broken links, of JavaScript™, of cookies, and so on. Detail pane: Shows the request sent to a page and the response that was received. To learn more about the Application Data view, see Data.
Issues	Issues view provides comprehensive data of the security issues discovered by the scan. Application tree: Shows the folders, URLs, and files that AppScan discovered in your application are listed. The number next to each node in the tree indicates how many issues were found. Result list: Shows an icon per issue, indicating the severity value that is assigned to this issue (see Issues: Result list). Each issue also holds a consolidation of the URLs that are vulnerable to this issue. Under each URL, is a listing of the vulnerable data. Detail pane: Displays information to enable you to understand why this is an issue, what it can do if gone untreated, how to fix, the variants of the test requests that were sent, the response of your application for which AppScan marked the test as an issue, and more. To learn more about the Issues view, see Issues.
Scan log	The scan log can be opened or closed from all views, using the Scan log icon at the right side of the status bar at the bottom of the screen.

See Step 4: Working with results.