The main menu bar

This section describes the items on the main AppScan 360° menu bar, with links to more detailed information.

The main menu bar appears as a black, vertical strip of icons on the left side of the screen. By default the menu bar is collapsed, and only the six main icons are shown. Click an empty part of the menu bar to see all items and sub-items, with their full names.
Note: Depending on your permissions, some of the items listed below may not appear on your menu bar.





You must create an application before you can start your first scan.

An AppScan 360° application is a collection of scans related to the same project. It can be a web site, a desktop application, a web service, or any component of an application. Applications enable you to asses risk, identify trends, and make sure that your project is compliant with industry and organization policies.

The Applications page lists all applications in your organization that are within the asset groups to which you are assigned. You can use it to create new applications, and open individual application pages. See All applications

Scans and sessions

A list of all scans in your applications. The list can be filtered by technology (DAST, SAST), status (Completed, Failed, etc.), and a search string. Each scan entry can be expanded to show more details. See Scans and sessions


The dashboard helps you track a variety of metrics and trends for you applications. The upper Current state area has four pie charts with details of Risk rating, Testing status, Issues, and the five most Common issue types found in the scan. The lower History area has three graphs showing changes over time between dates you choose: Risk rating, Testing status, and Issues.

See Dashboard.

Tools >

Plugins and APIs
Links to plugins and APIs compatible with AppScan 360°.
API key
Used for generating an API key for using the AppScan 360° API. See REST API, and Generating API Keys.

Organization >

Policies are a way of filtering the issues found in scans so you see only those that are relevant to you. You can create your own policies, or use the predefined policies. You can associate up to five policies with any application. See Policies.
This view is available to administrators only and is used to create and manage business units.
Subscriptions view shows the status of all your organization's subscriptions, including the number applications or scans left, and the start and end dates.
Audit trail
A table detailing user activity including time stamp, user name, activity, object and more. You can configure which columns to show. Administrators see actions of all users; users see their own actions. You can search, filter, and export the displayed data. See Audit trail.

Access management >

Access management contains three pages to help you restrict access to sensitive applications by assigning them to asset groups and then adding specific users to those groups.

Invite and manage users. See Users
Define user roles. See Roles
Asset groups
Asset groups are a way of organizing your applications. For each group you create, you can add applications and assign users. Users only see applications in the asset groups to which they are assigned. See Asset groups