What's new in HCL AppScan® Enterprise
Important Notice
For HCL AppScan Enterprise version 10.0.2 and newer, an HCL license is required. HCL AppScan Enterprise versions 10.0.2 and newer do not support IBM licenses. See the product documentation for instructions on installing an HCL License. For more information contact your HCL representative or HCL Support.
New in HCL AppScan® Enterprise 10.0.4
This section describes new product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
IAST - Interactive application security testing
- Configuration Manager utility can be used to configure IAST Service properties (see, Configuring IAST Service through Configuration Manager).
- Improvements made to IAST agent.
SQL Server 2019 support
Users can now use SQL Server 2019 as the Database for AppScan Enterprise Server.
Note: Minimum
version CU4 update is required.
REST API
- Administrators can now retrieve information regarding users last login to AppScan Enterprise (with /consoleusers API).
- Improved login verification to report failed login before scan starts (to activate: see, Early detection of Login failure due to out-of-session).
- Import .login file, from AppScan Standard or AppScan Dynamic Analysis Client (ADAC) for scanning (with /job/{jobId}/dastconfig/updatetraffic/{action} API).
Scanning improvements
- Support for scanning HTTP/2 applications.
- Angular support: Improved coverage of Angular web sites.
- AWS Cognito is now supported.
Proxy server improvements
- Support for HTTPS.
- Ability to define a Port range.
General improvements
- Improved user session expiration behavior across various pages (see, Automatic session timeout handling in AppScan Enterprise). User will now be notified when the session is about to expire due to inactivity.
- Configuration wizard improvements to notify users about:
- Required permissions when sufficient privilege for service account user is not met.
- Agent Machine that is unable to contact AppScan Enterprise server during configuration.
- Additional notes added to Scan Assessment in AppScan Source can now be viewed in AppScan Enterprise comments section after importing.
Removed in this release
- Generic Service Client (GSC) integration.
- AppScan Enterprise agent support on 32-bit operating system.
Will be removed in a future release
The following will be removed in a future release:
- X-Force categorization in Advisories and Issue Details.
- AppScan Enterprise server on 32-bit Windows Operating System.
- AppScan Enterprise plug-in for Internet Explorer browser.
- Malware detection capability.
- SSL 3.0 support.