AppScan® Source for Analysis overview

AppScan® Source for Analysis is a tool for analyzing code and providing specific information about source code vulnerabilities in critical systems. AppScan® Source for Analysis lets you centrally manage your software risk across multiple applications, or even your entire portfolio. You can scan source code, triage, and eliminate vulnerabilities before they become a liability to your organization.

AppScan® Source for Analysis provides audit and quality assurance teams with tools to scan source code, triage results, and submit flaws to defect tracking systems.

Armed with in-context intelligence from the AppScan® Source Security Knowledgebase, analysts, auditors, managers, and developers can:

  • Scan selected source code on-demand to locate critical vulnerabilities
  • Receive precise remediation advice and invoke their preferred development environment and code editor directly from analysis
  • Trace tainted data through a precise, interactive call graph from input to output
  • Enforce coding policies, verifying approved input validation and encoding routines through AppScan® Source trace
  • Learn and implement secure programming best practices during software development
Note: As of version, AppScan® Source no longer supports macOS or iOS Xcode scanning.