Welcome
Welcome to the documentation for HCL AppScan Standard version 10.8.0
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
Configuration
You configure a scan by choosing settings that best describe your application, and the kind of testing you want.
Manual exploring
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
Scanning
Learn how to start a scan, and what happens during the scan; how to manually manipulate the Explore stage, and how to export the results of a scan.
Data
Data view is populated with information about the structure of the site during the Explore stage of the scan.
Issues
Issues view provides access to the results of a scan. You can view results at a high level or select specific tests or objects and access more details. These details include how to fix, requests/responses, and differences between the test variants that resulted in issues. You can manipulate the severity of issues, resend tests (with or without modifications), and create reports based on Issues.
Reports
- Customizing the report layout
  Using the Customize report layout option of the Create report dialog box, you can customize the appearance of your reports. This feature is optional, as you can simply generate reports using the default layouts.
- Viewing and saving reports
  Reports can be generated, viewed, and saved in various formats.
- Creating partial reports
  You can create a Security Report or a Template-Based Report for a subset of the scan results by right-clicking on the URL or folder for which you want to create the report.
- Earlier versions of report templates
  Earlier versions of some Industry Standard and Regulatory Compliance templates are saved in the "Old Versions" folder.
- Security reports
  The Security report provides information about security issues discovered, and you can choose from a variety of templates depending on the type of content you need.
- Compliance reports
  Compliance reports consist of the Regulatory Compliance reports and the Industry Standards reports. The regulatory compliance reports let you know if your application complies with specific regulations or legal standards. The industry standards reports let you know if your application complies with standards of a selected industry committee.
- Delta Analysis reports
  The Delta Analysis report compares two sets of scan results and shows the difference in URLs and/or security issues that were discovered in them.
- Template-based reports
  The Template-based tab of the Create report dialog box enables you to create reports in Microsoft® Word DOC and DOCX formats, with exactly the data you want, and the document formatting you define.
Tools
This section explains how to use additional tools provided with HCL AppScan Standard.
Integrations
This section describes integrations of other applications with AppScan Standard:
Best practices
This section contains some best practices and use cases for advanced users.
FAQ & Troubleshooting
CLI
This section describes the syntax and options available using the Command line interface.
References
Menus and toolbar summaries, and glossary

Reports

This section explains how to create reports from scan results and outlines the different types of reports available.

After AppScan has assessed your site's vulnerability, you can generate customized reports configured for the various personnel in your organization, from developers, internal auditors, and penetration testers to managers and executives.

There are four basic types of reports, as described below. The Security Report includes many options that can be included or excluded depending on who the report is intended for.

You can create reports and save them to view later.


Name	Short Description
Security reports	Report of security issues found during the scan. Security information may be very extensive and can be filtered depending on your requirements. Six standard templates are included, but each can easily be tailored to include or exclude categories of information, as necessary.
Compliance reports	Report of the compliance (or non-compliance) of your application with a large choice of regulations or legal standards, a selected industry committee, or your own custom regulatory or standards checklist.
Delta Analysis reports	The Delta Analysis report compares two sets of scan results and shows the difference in URLs and/or security issues discovered.
Template-based reports	Custom report containing user-defined data and user-defined document formatting, in Microsoft® Word DOC and DOCX formats.