Creating and managing filters

AppScan® Source offers multiple methods for creating and using filters. The main view for filter creation, the Filter Editor view, provides a robust set of rules which can be manually set and then saved to a filter. The Filter Editor view also provides a mechanism for managing filters that you have created - allowing you to easily modify or remove them. Alternately, you can filter the findings table using views that offer graphical representations of the findings - and then save those filters in the Filter Editor view. When you create a filter, the other views update to reflect the filter properties.

Creating, managing, and applying filters in the Filter Editor view

The Filter Editor view allows you to create filters by specifying filter rules. Filters created in the Filter Editor view can be saved, modified, and removed. Once a filter is created in this view, it can be applied via drop down menu in the view. See Creating and managing filters in the Filter Editor view.

In AppScan Source for Analysis, you can share filters that you have created to the AppScan Enterprise Server - and access filters that others have shared. In AppScan Source for Development, you can access shared filters if you are running in server mode.

Note: In AppScan Source for Development (Visual Studio plug-in), this view is part of the Edit Filters window.

Filtering from the Assessment Summary and Vulnerability Matrix views

Note: In AppScan Source for Development (Visual Studio plug-in), these views are part of the Edit Filters window.

The Assessment Summary and Vulnerability Matrix views offer a graphical representation of findings. In these views, findings are grouped in different ways. These groups can be selected to filter the findings table so that it displays only those findings that are within the selected group or groups. Any filtering that you do by this method is automatically reflected in the Filter Editor view, from which you can then save the filter settings.

Creating filters in the Sources and Sinks view

Note: The Sources and Sinks view is not available in AppScan Source for Development (Visual Studio plug-in).

The Sources and Sinks view provides the ability to view and filter findings based on a trace of input and output. Filtering that is done in this view can be saved directly in the view. While creating the filter, you have the option of applying it immediately to the scan results.

See Creating filters in the Sources and Sinks view.