Scanning

You can scan an Eclipse or Rational® Application Developer for WebSphere® Software (RAD) workspace, project, or file. This includes scanning Java (including Android), JavaServer Pages (JSP), and IBM® MobileFirst Platform projects.

Before you begin

See Scan considerations to learn about operating system-specific considerations, language-specific considerations, or other restrictions that may affect your scans.

Note: If you are scanning an IBM® MobileFirst Platform project, see Scanning a MobileFirst Platform project.
Note: As of version 9.0.3.11, AppScan® Source no longer supports macOS or iOS Xcode project scanning.

About this task

When you select a scan action, the scan configuration that has been chosen in Scan Configuration dialog box will be applied. For information about scan configurations, see Scan configurations.

Right-click the application in the Package Explorer and select Run Scan from the menu or follow these steps:

Right-click the project in the Solution Explorer and select Scan Project from the menu or follow these steps:

Procedure

  1. Import or create a workspace,solution, project, or file.
  2. Choose one of these options from the main menu:
    • Security Analysis > Scan > Scan Workspace
    • Security Analysis > Scan > Scan Project
    • Security Analysis > Scan > Scan File
    • HCL AppScan Source > Scan > Scan Solution
    • HCL AppScan Source > Scan > Scan Project
    • HCL AppScan Source > Scan > Scan File
  3. The scan begins and messages display in the Console viewOutput window.

Results

If you are connected to the AppScan® Enterprise Server and you are scanning an application for which custom rules were created in AppScan® Source for Analysis, the scan will include those custom rules.