Home
Scanning and monitoring
Learn how to run scans and IAST monitoring sessions on your apps, and import issues from 3rd party scanners.

Scanning and monitoring
Learn how to run scans and IAST monitoring sessions on your apps, and import issues from 3rd party scanners.
- Sample apps and scripts
  Use these sample applications to practice scanning with ASoC.
- Dynamic (DAST) scanning
  ASoC can perform dynamic analysis of an application that runs in a browser. Use the configuration options available in ASoC, or upload an AppScan Standard configuration.
- Static (SAST) scanning
  Use static analysis to scan applications for security vulnerabilities. To accomplish this, either use AppScan Go! or download a small client utility and use its command line interface (CLI) perform security analysis on on either source code or binary files for all supported languages. Static analysis plug-ins for Eclipse, IntelliJ IDEA, and Visual Studio are available through their respective marketplaces. Once plugins are installed, you can scan Java projects in Eclipse and IntelliJ IDEA, or .NET (C#, ASP.NET, VB.NET) projects in Visual Studio. Additional information on plugins and integrations is listed here.
- Interactive (IAST) monitoring
  ASoC can monitor normal application runtime behavior, to detect vulnerabilities.
- Mobile scanning
  ASoC can perform interactive and static analysis of iOS and Android applications.
- Personal scans
  A Personal scan is a way of evaluating the relative security of an application in development without affecting overall application scan data, or compliance.
- Private sites
  An AppScan Presence on your server enables you to scan sites not accessible from the Internet.

Scanning and monitoring

Learn how to run scans and IAST monitoring sessions on your apps, and import issues from 3rd party scanners.

Use the Create scan wizard to select the type of scan you want to run. Start the wizard from Application > Application > Scans.