Standard desktop deployment

The standard desktop deployment is for a single AppScan® Source user in a small organization or a security analyst/auditor who performs security assessments, both onsite and offsite. It assumes no defect tracking system integration or build integration (through use of AppScan Source for Automation). This deployment model consists of two AppScan Source components, AppScan Source for Analysis (client) and the AppScan Enterprise Server, installed on one computer, such as a notebook. The desktop deployment model focuses on scan results and individual productivity and convenience rather than on deploying AppScan Source across numerous computers or optimizing for a team effort.

With this model, a user authenticates to the AppScan Enterprise Server using the AppScan Source administrative account, and no LDAP Directory Server integration is expected. This model assumes that a source control management client on the computer provides access to source code, or the source code resides on the computer.

The standard desktop deployment is ideal for a mobile auditor. For example, the auditor might work onsite and then want to finish some work at home or while traveling. If the auditor logs in to the notebook running AppScan Source for Analysis and the AppScan Enterprise Server while offsite, the source code and the saved assessments remain accessible. Later, when the auditor returns to work onsite, reconnecting to the source control system allows the corrected source to be returned to the corporate repository. This model allows for the generation of leave-behind reports with all of the assessment result details.

The following diagram depicts a standard desktop deployment with client and server components on the same computer.


Figure: Standard desktop deployment flow diagram