Scanning

You can scan an Eclipse or Rational® Application Developer for WebSphere® Software (RAD) workspace, project, or file. This includes scanning Java™ (including Android), JavaServer Pages (JSP), and IBM® MobileFirst Platform projects.

Before you begin

See Scan considerations to learn about operating system-specific considerations, language-specific considerations, or other restrictions that may affect your scans.

Note: If you are scanning an IBM MobileFirst Platform project, see Scanning a MobileFirst Platform project.
Note: As of version 9.0.3.11, AppScan® Source no longer supports macOS or iOS Xcode project scanning.

About this task

When you select a scan action, the scan configuration that has been chosen in Scan Configuration dialog box will be applied. For information about scan configurations, see Scan configurations.

Right-click the application in the Package Explorer and select Run Scan from the menu or follow these steps:

Right-click the project in the Solution Explorer and select Scan Project from the menu or follow these steps:

Procedure

  1. Import or create a workspace,solution, project, or file.
  2. Choose one of these options from the main menu:
    • Security Analysis > Scan > Scan Workspace
    • Security Analysis > Scan > Scan Project
    • Security Analysis > Scan > Scan File
    • HCL AppScan Source > Scan > Scan Solution
    • HCL AppScan Source > Scan > Scan Project
    • HCL AppScan Source > Scan > Scan File
  3. The scan begins and messages display in the Console viewOutput window.

Results

If you are connected to the AppScan Enterprise Server and you are scanning an application for which custom rules were created in AppScan Source for Analysis, the scan will include those custom rules.