Findings reports and audit reports

Security analysts and risk managers can access reports of select findings or a series of audit reports that measure compliance with software security best practices and regulatory requirements. This section explains how to create reports of aggregate finding data.

AppScan® Source for Analysis generates two report types: Findings Reports and AppScan Source Reports. A Findings Report is a report of selected findings. An AppScan Source Report is a report based on categorized groupings of all findings, tailored to a specific security policy. The available AppScan Source reports are listed in the topic AppScan Source reports.

Reports provide the details about findings gathered during a particular scan, and all AppScan Source reports can contain any notes and trace data added to the findings. The length of a report depends on the number of findings it includes. You can generate reports as PDF files or in Hypertext Markup Language (HTML). HTML reports function like web pages: you can jump to a section by clicking a button or link, and then navigate through the information using the browse functions found in web browsers.

Reports also list any scan-time filters that have been applied to the findings. Scan-time filters are described in the topic Determining applied filters.