In the world of application development, security experts are often the professionals tasked with application security triage — sorting out critical issues to fix, prioritizing them with development teams, and creating reports. Accuracy is critical to this process, and good tools can really help.
HCL AppScan Standard has a new user interface with an upgraded triage process to help users leverage the software’s numerous Dynamic Application Security Testing (DAST) capabilities. Now it’s easier than ever to access the vulnerability testing results you need in order to see, prioritize, and hand off issues quickly to those who need to address them.
What follows is a quick look at these triage capabilities put together by the HCL AppScan Standard team. If you’re not an HCL AppScan Standard user, or don’t yet have the latest version, learn more here.
Search Things First
When you know what you’re looking for, you can search by any parameter in the issues table — from issue type or URL to tested element or remediation task.
Group Issues by Issue Type
Whenever you need a high-level view of all your issue types, or want to triage one issue type at a time, simply group them and you’ll see a much shorter list.
Group Issues by Remediation Task
Organizing issues that share the same fix method makes it easier for you to communicate with developers. Group issues by remediation task to help developers prioritize their work.
Customize What You See
Through this platform, you decide what to see and in what order—whether that means hiding issues marked as noise or organizing issues from high to low severity, by URL, and more. You can also hide columns that are irrelevant to your day-to-day work and turn them on only when needed.
Additional Actions
If you need still more customization in organizing issues, you can select some or all of them and export them to a CSV file. You can also select a handful of issues to share with developers and export them to a report—making communication with dev teams much simpler!
We’re Listening to You
Many of the enhancements to HCL AppScan Standard have come about thanks to a tremendous collaboration with our customers—and remember, we’re always listening to your feedback and requests. You can share your feedback using our feedback button in HCL AppScan Standard, or you can add your comments and thoughts using this link.
Happy triage!
The HCL AppScan team