AppScan Source for Analysis overview

AppScan® Source for Analysis is a tool for analyzing code and providing specific information about source code vulnerabilities in critical systems. AppScan Source for Analysis lets you centrally manage your software risk across multiple applications, or even your entire portfolio. You can scan source code, triage, and eliminate vulnerabilities before they become a liability to your organization.

AppScan Source for Analysis provides audit and quality assurance teams with tools to scan source code, triage results, and submit flaws to defect tracking systems.

Armed with in-context intelligence from the AppScan Source Security Knowledgebase, analysts, auditors, managers, and developers can:

  • Scan selected source code on-demand to locate critical vulnerabilities
  • Receive precise remediation advice and invoke their preferred development environment and code editor directly from analysis
  • Trace tainted data through a precise, interactive call graph from input to output
  • Enforce coding policies, verifying approved input validation and encoding routines through AppScan Source trace
  • Learn and implement secure programming best practices during software development
Note: As of version, AppScan Source no longer supports macOS or iOS Xcode scanning.