Deprecated features

If you are migrating from an earlier release of AppScan® Enterprise, you should be aware of the various features that have been deprecated in this release.

Deprecated features in Version 10.4.0

None

Deprecated features in Version 10.3.0

None

Deprecated features in Version 10.2.0

None

Deprecated features in Version 10.1.0

Feature Comments
Internet Explorer Browser support Microsoft Edge browser support is provided.
Import of issues from Mobile Analyzer report No longer fits the product direction.

Deprecated features in Version 10.0.8

Feature Comments
Internet Explorer Browser support for v8.0 and v9.0 Microsoft Edge browser support is provided.

Deprecated features in Version 10.0.7

None

Deprecated features in Version 10.0.6

Feature Comments
SSL 3.0 support No longer fits the product direction.

Deprecated features in Version 10.0.5

Feature Comments
Malware detection No longer fits the product direction.
X-Force categorization in Advisories and Issue Details (Integration with IBM SiteProtector) No longer fits the product direction.
.NET, J2EE, and PHP-specific information is no longer included in reports The new code-specific information for many languages, including these three, is available in the UI.
AppScan Enterprise server on 32-bit Windows Operating System Support on 64-bit operating system.
AppScan Enterprise plug-in used to record traffic for Internet Explorer browser Use HCL AppScan Traffic Recorder to record the traffic. Alternatively, you can use Activity recorder plugin in Chrome or Edge browsers to record explore data.

Deprecated features in Version 10.0.4

Feature Comments
Generic Service Client (GSC) integration. Use ADAC with Postman or SOAP UI integration, or record API traffic from any external client.
AppScan Enterprise agent support on 32-bit operating system. Support on 64-bit operating system.

Deprecated features in Version 10.0.3

Feature Comments
Manual Explorer Tool Use Manual Explore using browser or any other external client to record traffic.

Deprecated features in Version 10.0.2

Feature Comments
IBM License support No longer fits the product direction.

Deprecated features in Version 10.0.1

None

Deprecated features in Version 10.0.0

Feature Comments
Flash execution and parsing No longer fits the product direction.
Glass Box Scanning No longer fits the product direction.
HCL AppScan Enterprise Server on Linux platform. No longer fits the product direction.

Deprecated features in Version 9.0.3.14

Feature Comments
The JavaScript Analyzer (JSA) component has now been replaced by the Cross-Site Scripting Analyzer, to discover security issues more accurately. No longer fits the product direction.

Deprecated features in Version 9.0.3.13

Feature Comments

Due to the efficiency of Action-Based JavaScript Execution, these two redundant Request-Based JavaScript configuration options (and related Advanced Configuration Options) have been removed:

Execute JavaScript to discover URLs and dynamic content.

Execute JavaScript when replaying login.

These options are removed both in ADAC and web UI for both DAST and Content Scan jobs. If you load a scan saved in an earlier version, in which one or both of these check boxes was selected, the selection is now ignored.
Due to the improvements to the Cross-Site Scripting Analyzer, that enable it to better detect DOM-Based Cross-Site Scripting, when creating new scans all JavaScript Analyzer (JSA) rules are now disabled in the Default Test Policy, and will be removed altogether in a future version. Your existing scans and templates are not affected by this change. No longer fits the product direction.

Deprecated features in Version 9.0.3.12

Feature Comments

Request-Based JSX is being phased out by stages:

In this fix pack, the JavaScript Execution check box is cleared by default, but you can still select it if you find that Action-Based Exploring fails for a specific application.

In future releases, the mechanism will be removed entirely. Note that when you load a saved scan or template in which the JSX check box was selected it will remain selected. However, we suggest clearing the check box.

The new mechanism, Action-Based Exploring, utilizes an actual, embedded (Chromium-based) browser. Both mechanisms include JavaScript Execution (JSX), but we are now in the process of retiring the Request-Based JSX mechanism, as the newer technology duplicates and surpasses it.

Action-Based JSX more closely resembles the way a user interacts with the browser. It offers increased coverage and accuracy, and better support for new JavaScript frameworks as they emerge.

Deprecated features in Version 9.0.3.11 to 9.0.3.2

No features were deprecated in 9.0.3.11, 9.0.3.10, 9.0.3.9, 9.0.3.8, 9.0.3.7, 9.0.3.6, 9.0.3.5, 9.0.3.4, 9.0.3.3, 9.0.3.2 release versions.

Deprecated features in Version 9.0.3.1

Feature Comments
Similar content limit on the Explore Options page of a content scan job Use the AppScan® Dynamic Analysis Client to create scans. A full set of Explore options is available there.
Submitting defects to IBM® Rational Team Concert from a report in the Scans view Submit issues as defects from an app in the Monitor view. The data is not synced between the two views. See Creating issues from an app as defects or work items in Rational Team Concert.
Support for SUSE Linux Enterprise Server (SLES) for Glassbox scanning only No longer fits the product direction.
Support for Solaris (for AppScan® Source) No longer fits the product direction.
Support for Manual Explore plugins As newer browser versions become available, the plugin requires major re-writing, and no longer fits the product direction. There are several existing alternatives for recording login and manual explore data:
  • The Manual Explorer tool (available since v8.7)
  • The AppScan® Dynamic Analysis Client (available since v9.0.2.1)
  • AppScan® Standard

Deprecated features in Version 9.0.3

Feature Comments
Privacy reports No longer fits the product direction.
Charts with metrics for Issue Severity Max and Issue Severity Max by Business Unit Use these charts: Open Issues by Severity, Applications with Open Issues, and Open Issues.
Windows 2008 non-R2
Note: Windows Server 2008 only supports TLSv1.0. Scanning sites that require TLSv1.1 or TLSv1.2 will note work. Enterprise Console will not have TLSv1.1 or TLSv1.2 protocols available for the IIS hosted part of the application.
Upgrade the operating system to a 64-bit system. Plan for a server rebuild and reinstallation of AppScan® Enterprise.