Roles and workflows

AppScan 360° Roles

Not all AppScan 360° functions and tasks are performed by the same person – though they could be. Ensure the persons performing AppScan 360° tasks have the appropriate permissions on relevant systems and according to company policy for their roles.

Administrative tasks

Administrative tasks are higher-level tasks that enable users to run and report on scans seamlessly within organizational policy and guidelines. Administrator tasks include, but may not be limited to:

• Installation of AppScan Central Platform
• Installation of AppScan Remediation Advisories
• Troubleshooting installation
• Defining and administering users
• Defining and administering asset groups
• Defining and administering policies
• Setting up DevOps integrations
• Overseeing audits
• Regularly reviewing AppScan 360° operation and settings

User tasks

User tasks are core scanning and remediation tasks. With administrative tasks complete, users can focus on making sure code is clean and secure. User tasks include, but may not be limited to:

• Creating applications
• Setting up scans
• Configuring scan automation
• Running scans
• Working with logs
• Triaging scan results
• Understanding issues
• Running reports
• Remediating code
• Rescanning

Common workflows

How you work within your organization depends on a variety of factors. However there are some common workflows.

IT administrator workflow

• Set up the environment for AppScan 360° and prepare configuration file
• Download and install AppScan Central Platform
• Installing the AppScan Remediation Advisories
• Verify correct installation
• Upgrade ASCP and AppScan 360° as needed
• Configure DevOps integrations

AppScan administrator workflow

• Set up users
• Set up asset groups
• Set up policies

AppScan user workflow

• Set up applications
• Configure and run scans
• Triage results, including traces and fix groups
• Run reports
• Understand issue status and severity
• Remediate issues
• Rescan
• Repeat triage, reporting, and remediation as needed