Learn how to run scans on your apps and import issues from 3rd party scanners.
Use these sample applications to practice scanning with ASoC.
ASoC can perform interactive and static analysis of iOS and Android applications.
ASoC can perform dynamic analysis of an application that runs in a browser.
Use static analysis to scan source code for security vulnerabilities. To accomplish this, download a small client utility and use its command line interface (CLI) perform security analysis on all supported languages. The client utility also contains a Maven plugin that can be used to scan Java projects. Static analysis plug-ins for Eclipse, IntelliJ IDEA, and Visual Studio are available through their respective marketplaces. Once plugins are installed, you can scan Java projects in Eclipse and IntelliJ IDEA, or .NET (C#, ASP.NET, VB.NET) projects in Visual Studio.
ASoC can perform interactive analysis of normal application runtime behavior, for vulnerabilities.
A Personal scan is a way of evaluating the relative security of an application in development without affecting overall application scan data, or compliance.
an AppScan Presence on your server enables you to scan sites not accessible from the Internet.
Whether you use third-party scanners or conduct manual pen tests to discover issues, you can import the issues from a CSV file into ASoC for triaging.
Help Center