Home
Reports
Security reports
The Security report provides information about security issues discovered, and you can choose from a variety of templates depending on the type of content you need.
Limiting the size of Security reports
Tips for reducing a large Security Report to a more manageable size.

Welcome
Welcome to the documentation for HCL AppScan Standard version 10.8.0
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
Configuration
You configure a scan by choosing settings that best describe your application, and the kind of testing you want.
Manual exploring
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
Scanning
Learn how to start a scan, and what happens during the scan; how to manually manipulate the Explore stage, and how to export the results of a scan.
Data
Data view is populated with information about the structure of the site during the Explore stage of the scan.
Issues
Issues view provides access to the results of a scan. You can view results at a high level or select specific tests or objects and access more details. These details include how to fix, requests/responses, and differences between the test variants that resulted in issues. You can manipulate the severity of issues, resend tests (with or without modifications), and create reports based on Issues.
Reports
- Customizing the report layout
  Using the Customize report layout option of the Create report dialog box, you can customize the appearance of your reports. This feature is optional, as you can simply generate reports using the default layouts.
- Viewing and saving reports
  Reports can be generated, viewed, and saved in various formats.
- Creating partial reports
  You can create a Security Report or a Template-Based Report for a subset of the scan results by right-clicking on the URL or folder for which you want to create the report.
- Earlier versions of report templates
  Earlier versions of some Industry Standard and Regulatory Compliance templates are saved in the "Old Versions" folder.
- Security reports
  The Security report provides information about security issues discovered, and you can choose from a variety of templates depending on the type of content you need.
  - Limiting the size of Security reports
    Tips for reducing a large Security Report to a more manageable size.
- Compliance reports
  Compliance reports consist of the Regulatory Compliance reports and the Industry Standards reports. The regulatory compliance reports let you know if your application complies with specific regulations or legal standards. The industry standards reports let you know if your application complies with standards of a selected industry committee.
- Delta Analysis reports
  The Delta Analysis report compares two sets of scan results and shows the difference in URLs and/or security issues that were discovered in them.
- Template-based reports
  The Template-based tab of the Create report dialog box enables you to create reports in Microsoft® Word DOC and DOCX formats, with exactly the data you want, and the document formatting you define.
Tools
This section explains how to use additional tools provided with HCL AppScan Standard.
Integrations
This section describes integrations of other applications with AppScan Standard:
Best practices
This section contains some best practices and use cases for advanced users.
FAQ & Troubleshooting
CLI
This section describes the syntax and options available using the Command line interface.
References
Menus and toolbar summaries, and glossary

Limiting the size of Security reports

Tips for reducing a large Security Report to a more manageable size.

About this task

Security reports can be quite large. If you receive a warning that the report will be hundreds of pages long, or if the creation process times out, try these tips to reduce the report size while still including the information that matters to you.

Procedure

One way to reduce the report size is by limiting it to a specific part of the application. You can do this by selecting the relevant node in the application tree, right-clicking it, and selecting Report for this node > Security. This will create a report for all parts of the application under the selected node.
If your scan results contain thousands of issues, consider generating only a Summary or the Default Report with the Additional Issue Information checkbox cleared.
By default, all test types are included in reports (Min. Severity = Informational). Try increasing the Min. Severity setting so that only High, or High and Medium severity issues are included.
Verify that the Max. Variants setting is 1, so that no more than a single variant is included for each issue.
Be aware that including Variants > Request/Response, and How to Fix can significantly increase the report's size. Select these options only if needed.