Properties view: selected application

In this view, you configure attributes for the selected application. Application attributes depend on previously-created global attributes.

Overview

The Overview tab displays:

  • The application Name. Enter a new name in the field to rename the application.
  • Scan for secrets: Select Enable scanning for secrets to invoke secrets scanning for source code-only scan along with other relevant scanners. When invoked, the engine checks for hardcoded passwords, credit card numbers, and Social Security numbers (SSN) when those secrets are detected in the code being scanned.

    When creating a new application, the secrets scanning setting of the first project is copied to the new application (.paf) by default.

    Note: If Enable scanning for secrets is checked, and an all applications scan is triggered, AppScan® Source invokes tje secret scanners for all the projects, along with the relevant project scanners.
  • Application attributes

Exclusions and Filters

This tab allows you to specify existing filters for the selected application, and how you want the filters applied (a filter can be applied directly - or its inverse can be applied). In the tab, you can also manage bundles that exclude results from your scan. See Triage and analysis for information about filters - and Applying filters globally for details about applying them globally.

Excluded and filtered findings do not appear in scan results or factor into application or project metrics.

Exclusions and Filters tab

Rules and Rule Sets

When you select an application in the Explorer view, the Pattern Rules and Rule Sets tab in the Properties view allows you to add pattern rules and rule sets that will be applied when scanning the application. Using pattern-based scanning, you search for text patterns that you want to appear as findings. Individual rules and rule sets can be applied to both applications and projects. See Customizing with pattern-based rules to learn about pattern-based analysis and Applying pattern rules and rule sets to learn how to apply rules and rule sets in the Properties view.

Modified Findings

On the Modified Findings tab, you view, edit, or delete any previously modified findings, or modify an existing finding. Modified findings are findings with altered vulnerability type, severity, classification, or notes.

Custom Findings

On the Custom Findings tab, you view, add, edit, or delete custom findings. See Custom findings for more details.