Creating a scanner profile for importing a CSV file

The scanner profile is used to import security issues (in a CSV file) that are discovered by third-party sources, such as WhiteHat Sentinel, or manual pen testing. Edit issue attributes for each scanner profile so that you can then map the issue attribute names of a third-party source to the issue attribute names that AppScan® Enterprise uses.

Procedure

  1. On the Portfolio tab of the Monitor view, go to List menu > Edit Scanner Profile Template.
  2. Create or modify a profile template. Give the profile a name and a description.
  3. Enable the Remove Orphaned Issues check box if you want to remove issues that were previously found in an application but are not included in subsequent imports.
    Note: When the check box is enabled, there is the potential to permanently delete all issues with the same scan name and scanner. If you use the same scan name with the same scanner on subsequent imports, any issues that are previously found by the scanner and are not found in the latest results are permanently deleted.
  4. Click Edit to modify the issue attributes:
    1. On the Edit Scanner Profile page, define the mapping between the issue attribute names that the third-party scanner uses and the issue attribute names that AppScan® Enterprise uses.
    2. Enable the Unique check box if the attribute name helps to identify the issue as a unique issue. If the attribute contributes to uniqueness, it must have a valid value in the CSV file or it isn't imported.
    3. Keep the Use Imported Values check box enabled if you want to update an existing issue attribute with values contained in the imported file. If you clear the check box, AppScan Enterprise will retain the value previously used.
    4. Click Edit Layout to determine the order in which issue data appears in the About this Issue report for this scanner, and then click OK.
  5. Click OK when you are finished with the template.

What to do next

Importing issues from an internal or a third-party scanner