HCL TECHNOLOGIES ABOUT US PRODUCTS & SOLUTIONS RESOURCES CONTACT US

Home
Security AppScan Source - Windows and Linux
HCL® AppScan® Source delivers maximum value to every user in your organization who plays a role in software security. Whether a security analyst, quality assurance professional, developer, or executive, the AppScan Source products deliver the functionality, flexibility, and power you need - right to your desktop.
Reference
Review reference information for the product.
Ounce/Maven plug-in
This section describes the Ounce/Maven plug-in, which uses Maven, an Apache build tool, to integrate AppScan® Source into the Maven workflow.
Ounce/Maven scenarios
Scanning applications
An AppScan® Source scan analyzes source code for security vulnerabilities. The result of a scan is an assessment, which is an XML file.

Scanning applications

An AppScan® Source scan analyzes source code for security vulnerabilities. The result of a scan is an assessment, which is an XML file.

Note: For detailed information about AppScan Source capabilities, see the HCL® AppScan Source for Analysis User Guide.

Use the ounce:scan goal from the command line to scan the application and its projects and optionally generate a report from the assessment.

After a scan is finished, Ounce/Maven allows you to:

Publish the assessment to the AppScan Source Database. This makes the assessment results available to other users with access to the database and the necessary privileges.
Generate a report.