AppScan Source predefined filters (Version 8.7.x and earlier)

This topic lists predefined filters that were included in AppScan® Source Version 8.7.x and earlier.

If you need to access these filters, follow the instructions in Restoring archived predefined filters.

! - The Vital Few

This filter matches findings from some of the most dangerous vulnerability categories. Only findings which originate in an external network communications source are included. This filter provides a laser-focused starting point for high risk findings. The specific categories which are included in this filter are:

Vulnerability.BufferOverflow
Vulnerability.BufferOverflow.FormatString
Vulnerability.PathTraversal
Vulnerability.CrossSiteScripting
Vulnerability.CrossSiteScripting.Reflected
Vulnerability.CrossSiteScripting.Stored
Vulnerability.Injection
Vulnerability.Injection.LDAP
Vulnerability.Injection.SQL
Vulnerability.Injection.OS
Vulnerability.Injection.XML
Vulnerability.Injection.XPath

High Priority - External Communications

This filter matches findings which originate from outside the application and arrive across a network, that is, findings whose source is any Technology.Communications category.

High Priority - Important Types

This filter contains findings from some of the most dangerous vulnerability categories, such as CrossSiteScripting and Injection.SQL. The specific categories which are included in this filter are:

Vulnerability.AppDOS
Vulnerability.Authentication.Credentials.Unprotected
Vulnerability.Authentication.Entity
Vulnerability.BufferOverflow
Vulnerability.BufferOverflow.FormatString
Vulnerability.CrossSiteScripting
Vulnerability.CrossSiteScripting.Reflected
Vulnerability.CrossSiteScripting.Stored
Vulnerability.Injection
Vulnerability.Injection.LDAP
Vulnerability.Injection.OS
Vulnerability.Injection.SQL
Vulnerability.Injection.XML
Vulnerability.Injection.XPath
Vulnerability.PathTraversal

Low Priority - Test Code

This filter contains findings from test code. Specific types in this filter include:

Vulnerability.Quality.TestCode

Noise - Copy-like Operations

This filter contains findings that are concerned with copy-like operations. A copy-like operation occurs when data is taken from a source which may or may not be trusted, but actions performed on the data are trusted.

The filter looks for these source --> sink patterns:

Technology.Database --> Vulnerability.Injection.SQL
Mechanism.SessionManagement --> Mechanism.SessionManagement
Technology.XML, Technology.XML.DOM, Technology.XML.Schema, Technology.XML.XPath --> Vulnerability.AppDOS.XML, Vulnerability.Injection.XML

Noise - Logging Issues

This filter contains findings related to error handling. The findings it matches emanate from an error handling routine and flow into a logging mechanism. This pattern is matched:

Mechanism.ErrorHandling --> Vulnerability.Logging, Vulnerability.Logging.Forge, Vulnerability.Logging.Required

Noise - Low Severity

This filter contains findings with a severity of Low. All classifications are included.

Noise - Trusted Source

This filter contains findings that emanate from a trusted source. Only findings that have java.lang.System.getProperty.* as their source are included in this filter.
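The filters above all reduce to the same shape: a set of (source category, vulnerability category) patterns, optionally restricted by severity, applied to each finding. The following Python model, added here as an illustration and not part of AppScan Source or its documentation, encodes "! - The Vital Few", "Noise - Copy-like Operations", "Noise - Trusted Source" and "Noise - Low Severity" in that shape and runs them over a few constructed findings. It assumes that a category pattern matches itself and everything beneath it in the dotted taxonomy (so Technology.Communications covers Technology.Communications.HTTP) and that a trailing .* is a wildcard; the sample findings and the Finding/Filter classes are constructed for this example.

```python
"""Toy model of AppScan Source-style predefined filters (constructed example)."""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class Finding:
    source: str      # where the data enters, e.g. Technology.Communications.HTTP
    vuln_type: str   # vulnerability classification, e.g. Vulnerability.Injection.SQL
    severity: str    # "High", "Medium" or "Low"


@dataclass(frozen=True)
class Filter:
    name: str
    # (source pattern, vulnerability pattern) pairs; None in a slot means "any"
    patterns: Tuple[Tuple[Optional[str], Optional[str]], ...]
    severities: Tuple[str, ...] = ()   # empty means any severity


def category_matches(value: str, pattern: Optional[str]) -> bool:
    """Assumed matching semantics: a pattern matches itself and any descendant
    in the dotted hierarchy; a pattern containing '*' is treated as a glob."""
    if pattern is None:
        return True
    if "*" in pattern:
        return fnmatchcase(value, pattern)
    return value == pattern or value.startswith(pattern + ".")


def filter_matches(flt: Filter, finding: Finding) -> bool:
    """A filter matches when severity (if restricted) fits and any
    source/vulnerability pattern pair matches the finding."""
    if flt.severities and finding.severity not in flt.severities:
        return False
    return any(category_matches(finding.source, src)
               and category_matches(finding.vuln_type, vt)
               for src, vt in flt.patterns)


# "! - The Vital Few": the listed categories, external network sources only.
VITAL_FEW_TYPES = (
    "Vulnerability.BufferOverflow", "Vulnerability.BufferOverflow.FormatString",
    "Vulnerability.PathTraversal", "Vulnerability.CrossSiteScripting",
    "Vulnerability.CrossSiteScripting.Reflected", "Vulnerability.CrossSiteScripting.Stored",
    "Vulnerability.Injection", "Vulnerability.Injection.LDAP", "Vulnerability.Injection.SQL",
    "Vulnerability.Injection.OS", "Vulnerability.Injection.XML", "Vulnerability.Injection.XPath",
)
VITAL_FEW = Filter("! - The Vital Few",
                   tuple(("Technology.Communications", vt) for vt in VITAL_FEW_TYPES))

# "Noise - Copy-like Operations": the source --> sink pairs from the page.
XML_SOURCES = ("Technology.XML", "Technology.XML.DOM", "Technology.XML.Schema", "Technology.XML.XPath")
XML_SINKS = ("Vulnerability.AppDOS.XML", "Vulnerability.Injection.XML")
COPY_LIKE = Filter("Noise - Copy-like Operations", (
    ("Technology.Database", "Vulnerability.Injection.SQL"),
    ("Mechanism.SessionManagement", "Mechanism.SessionManagement"),
    *((src, sink) for src in XML_SOURCES for sink in XML_SINKS),
))

TRUSTED_SOURCE = Filter("Noise - Trusted Source", (("java.lang.System.getProperty.*", None),))
LOW_SEVERITY = Filter("Noise - Low Severity", ((None, None),), severities=("Low",))

FILTERS = (VITAL_FEW, COPY_LIKE, TRUSTED_SOURCE, LOW_SEVERITY)

# Constructed sample findings, not real scan output.
SAMPLE_FINDINGS = (
    Finding("Technology.Communications.HTTP", "Vulnerability.Injection.SQL", "High"),
    Finding("Technology.Database", "Vulnerability.Injection.SQL", "Medium"),
    Finding("java.lang.System.getProperty.user.home", "Vulnerability.PathTraversal", "High"),
    Finding("Technology.Communications.Socket", "Vulnerability.Logging.Forge", "Low"),
    Finding("Technology.XML.DOM", "Vulnerability.Injection.XML", "Medium"),
    Finding("Technology.Communications.HTTP", "Vulnerability.CrossSiteScripting.Reflected", "Low"),
)


def triage(findings: Sequence[Finding]):
    """Return, for each finding, the names of the filters that match it."""
    return [[flt.name for flt in FILTERS if filter_matches(flt, f)] for f in findings]


if __name__ == "__main__":
    for finding, names in zip(SAMPLE_FINDINGS, triage(SAMPLE_FINDINGS)):
        print(f"{finding.source} -> {finding.vuln_type} [{finding.severity}]: {names or 'no filter'}")
```

The last sample finding is the edge case worth noticing: a reflected cross-site scripting finding from an HTTP source is picked up by "! - The Vital Few" and, because its severity is Low, also by "Noise - Low Severity". Filters are independent views over the same findings, so a noise filter does not remove a finding from a high-priority one; reviewing the high-priority set first keeps such overlaps visible.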