Home
Getting started
Security is about protecting your valuable assets. Some of the most important assets your organization owns are in the form of information, such as intellectual property, strategic plans, and customer data. Protecting this information is critical for your organization to continue to operate, be competitive, and meet regulatory requirements.
Service Description
The service description describes the HCL AppScan on Cloud service.

Welcome
Welcome to the documentation for HCL AppScan on Cloud.
Getting started
Security is about protecting your valuable assets. Some of the most important assets your organization owns are in the form of information, such as intellectual property, strategic plans, and customer data. Protecting this information is critical for your organization to continue to operate, be competitive, and meet regulatory requirements.
- Recent updates
  Discover upcoming and recently added features.
- System requirements
  This topic provides links to system requirements and supported operating systems and languages for the ASoC analyzers. Also learn about the supported browsers and minimum resolution for the service.
- Data center selection
- Create an ASoC account
- Subscriptions
  My Subscriptions shows the status of all your organization's subscriptions, including the number applications or scans left, and the start and end dates.
- Workflow
  This section outlines a typical ASoC workflow for an authorized user with a valid subscription.
- Sample apps and scripts
  Use these sample applications to practice scanning with ASoC.
- Demo videos
  These 'how-to' videos demonstrate using ASoC and how it fits into your workflow, and offer tips and tricks.
- Contact and Support
  Some useful links.
- Certifications
  ISO/IEC certificates.
- Service Description
  The service description describes the HCL AppScan on Cloud service.
- Trial Terms of Use
  TRIAL AGREEMENT FOR HCL APPSCAN ON CLOUD SERVICE
Navigation
This section describes the items on the main ASoC menu bar, and links to more detailed information.
Administration
Define users, applications, policies, and configure DevOps integrations.
DAST
AppScan on Cloud performs security scans for web-applications for production, staging and development environments. For development environments it is aided by Private Site Scanning technology to scan applications not accessible to the open Internet.
IAST
Using an agent installed on your application, ASoC identifies security vulnerabilities in your app during runtime, by monitoring all interactions, both legitimate and malicious. The process is "passive", in the sense that IAST does not send its own tests, and can therefore run indefinitely.
Static analysis
Use static analysis (SAST) to scan for security vulnerabilities in web and desktop applications. Static analysis includes Intelligent Finding Analytics (IFA) and Intelligent Code Analytics (ICA).
Results
The Scan History tab of your application displays your scan results (including scan statistics) and rescan options.
Troubleshooting
If you experience problems with this service, you can perform these troubleshooting tasks to determine the corrective action to take.
FAQ & Reference
Frequently asked questions, information about integrating ASoC into the product lifecycle (SDLC), and ASoC API documentation.

Service Description

The service description describes the HCL AppScan on Cloud service.

For the most up-to-date service description, see the HCL AppScan on Cloud license agreement and service description. Additional terms are set forth in the HCL Cloud Services Agreement.