Correlating static analysis data with dynamic analysis data

Import data from AppScan® Source to correlate its findings with an existing dynamic analysis security scan (AppScan Enterprise Server content scan job or an AppScan Standard import job).

About this task

You must have access to an AppScan Source OZASMT assessment file.
Note: When you import an assessment file from AppScan Source, if the findings differ only by the trace, AppScan Enterprise Server rolls up those findings into a single issue with multiple variants. See the job statistics page for more information.

Procedure

  1. Go to the Folder Content Summary page and click the Create icon (Create).
  2. On the Create Folder Item page, select an Import Job and give it a Name and Description. Associate it with an Application from the list. Associated jobs appear in the application's Scans view in the Applications tab. Then click Create.
  3. On the What to Import page, select AppScan Source Results Import (OZASMT files exported from AppScan Source).
  4. Select an existing content scan job or AppScan Standard import job.
  5. In the Security Vulnerabilities Correlation section of the page, select the Enable correlation check box, and click Select Job.
  6. On the Security Vulnerabilities Correlation page, select an existing content scan job or import job and click Select.
  7. Back on the What to Import page, click Save and then run the job.