Home
Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
What's new
This section describes new AppScan Standard product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.

Getting started
This section provides a short tour of basic product features and procedures, including using the wizard to set up a scan.
- Overview
- What's new
  This section describes new AppScan Standard product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.
  - Highlights
    The user interface was updated significantly in version 10.0.7. This section describes the main changes for the benefit of users accustomed to the previous interface.
- System requirements
  A summary of the minimum hardware and software required for the machine that runs AppScan Standard.
- Installing
  The installation wizard guides you through the fast and simple process.
- License
  This section describes for the trial and paid versions of AppScan Standard.
- How an automatic scan works
  This topic explains the difference between the "stages" and "phases" of a scan.
- Web application vs. web API
  This topic explains the different methods available for exploring sites, before AppScan tests them.
- Basic workflow
  A diagram showing a simple AppScan workflow using the scan configuration wizard.
- Home screen
  Describes the options available from the home screen that opens when you load AppScan.
- Tour of the main screen
  Describes the components of the AppScan main screen (Issues view), and all menus and toolbars.
- Tutorial
  This simple tutorial goes through the steps of configuring a simple application scan using the Scan Configuration wizard, running the scan, and reviewing the results.
- Sample files
  The sample files can help give you a feel for using AppScan and what scan results look like.

What's new

This section describes new AppScan Standard product features and enhancements in this release, as well as deprecations and anticipated changes, where relevant.

New in HCL AppScan Standard 10.0.8

Automatic API scanning using an imported Postman Collection file. See Scan using a Postman Collection.
New: OWASP API Security Top 10 2019 Industry Standard Report.
Improved automatic update functionality.

Fixes and security updates

New security rules in this release include:

attSpringRemoteCommandExecution - Remote Command Execution on Spring Framework (CVE-2022-22965)
probeSpring - Probe Spring RCE (CVE-2022-22965)

For a complete list of fixes, security rule updates, and RFEs in this release see AppScan Standard Fix List.

Changed in this release

The Web Services Scan Wizard is renamed the Web API Scan Wizard, and the Web Services Scan Extension is renamed Web API Scan Extension.

Upcoming changes

The following will be removed in a future release:

The old UI is accessible in this release (but not updated since version 10.0.7). It will be removed altogether in a future release (see here)
The Web Services, The Vital Few, and Developer Essentials test policies will be removed, as similar results can now be achieved using other policies (see here)
Explore Optimization module
Ability to export scan results as XML for versions of AppScan Enterprise earlier than 9.0.3.1.