To get the most out of AppScan Source, you should understand the basic concepts behind the AppScan Source for Analysis working environment and how to use the options that best fit your workflow.
The AppScan Source for Analysis workbench
AppScan Source for Analysis work takes place in a workbench, which consists of perspectives, views, and editors that are displayed or hidden depending on context.
Perspectives
The three perspectives in the product (Configuration, Triage, and Analysis) consist of multiple views. Although each perspective opens with default views, you can reorganize views to customize each perspective. The views are described in detail in Chapter 14, “Views,” of the help.
• Configuration Perspective: Create and manage applications, projects, and attributes.
• Triage Perspective: View scan results to prioritize remediation workflow and separate real vulnerabilities from potential ones. Use this perspective to isolate the issues that you need to fix first.
• Analysis Perspective: Drill down into individual findings and review source code, remediation advice, and AppScan Source trace information.
Workbench window
The AppScan Source for Analysis workbench window consists of these elements:
• Main menu: Menus that access AppScan Source for Analysis functions
• Toolbar: Icons and buttons for frequently used functions
• Perspectives: Collections of views
• Views: Presentations and ways to navigate the information in the workbench
Toolbars and information at the bottom of the workbench
• Fast View toolbar: Fast views are hidden views that can be quickly opened and closed. They work like other views except that they do not take up space in your workbench window. Fast views are represented by toolbar buttons on the fast view bar, which is the toolbar at the bottom left of the workbench window.
When you click the toolbar button for a fast view, that view opens temporarily in the current perspective (overlaying it). As soon as you click outside that view or the view loses focus, it is hidden again. To set a view as a fast view, click Show View as a Fast View and then choose the view from the menu.
• Selected findings: When findings are selected, an indicator at the bottom of the workbench displays the number of selected findings.
• Source file information: When a source file is open, this information about the file is displayed at the bottom of the workbench:
– Whether the file is writable or read-only. If you attempt to edit a read-only file, a prompt in AppScan Source for Analysis allows you to set the file to writable.
– Whether your operating system input mode is insert or overwrite.
– The current cursor location in the file (line and column number).
• Server connection information: Hovering over the user icon shows the user that is currently logged in to the AppScan Enterprise Server, and hovering over the server icon shows the AppScan Enterprise Server that AppScan Source for Analysis is connected to.
• When an assessment is open, the bottom of the workbench includes this information:
– The name of the assessment, and the date and time of its creation.
– An indicator that allows you to quickly determine how filters have been applied to the findings in the assessment. See “Determining applied filters” for more information.
• A progress indicator is also displayed at the bottom of the workbench to show actions in progress. For example, this indicator appears during scans and assessment publication. This section also indicates when an assessment is open.
Main menu
The main menu bar contains menus that allow you to perform a variety of actions.
Your user privileges may regulate the commands that are available to you in these menus.
• “AppScan Source”
• “File menu”
• “Edit menu”
• “Scan menu”
• “Tools menu”
• “Admin menu”
• “View menu”
• “Perspective menu”
• “Help menu”
AppScan Source
The AppScan Source menu provides quick links to key AppScan Source actions, along with common OS X product menu actions.
Table 21. AppScan Source menu
Menu item: Description
• About IBM Security AppScan Source for Analysis: Opens a dialog box that provides product information about AppScan Source for Analysis.
• Preferences: Opens the Preferences dialog box.
File menu
The File menu offers options for applications, projects, and assessments, and allows you to exit the product. Some File menu items are context-sensitive and depend on the active view and the currently selected item in that view.
Table 22. File menu
Menu item (keyboard shortcut): Description
• Add Application > Create a new application (command+N): Add a new application to the set of applications. This action launches the New Application Wizard.
• Add Application > Open an existing application: This launches an Open dialog box, which allows you to browse for and add an existing application to the set of applications. File or directory types that can be added include .paf,
allows you to add an existing Eclipse or IBM
been imported, you will be able to scan any Java projects that it contains.
the set of applications. This action launches a dialog box that allows you to specify a directory in which to search for applications. In the search results, you can select one or more applications to add.
you to quickly create and configure applications and projects for Java source code.
• Remove Application: If an application is selected in the Explorer view, this action is available and choosing it removes the selected application.
• Add Project > New Project: If an application is selected in the Explorer view, this action is available and choosing it allows you to add a new project to the application. This action launches the New Project Wizard.
• Add Project > Existing Project: If an application is selected in the Explorer view, this action is available and choosing it allows you to add an existing project to the application. This action launches a dialog box that allows you to browse for a .ppf or .epf file, or a .xcodeproj directory, to open.
Note: You can also open or import .pbxproj files as AppScan Source projects.
• Add Project > Copy Project: If a project is selected in the Explorer view, this action is available and choosing it opens a dialog box that allows you to copy the project to another application, or create a copy of the project in the application that currently contains the project.
• Add Project > Multiple Projects: Add multiple projects to the application that is selected in the Explorer view. This action launches a dialog box that allows you to complete one of these tasks:
– Specify a directory in which to search for projects.
– Specify a workspace in which to search for projects.
In the search results, you can select one or more projects to add.
• Register: Register the selected application or project with AppScan Source. You must register applications and projects before they can be published to the AppScan Source Database.
• Unregister: Unregister the selected application or project.
• Open Assessment (F7): This launches an Open dialog box, which allows you to browse for an AppScan Source assessment file. File types that can be opened include .ozasmt and .xml.
• Close Assessment: Close the assessment that is currently open in the Triage perspective.
• Save Assessment (shift+command+S): Save the open assessment to a file.
• Save Assessment As: Save the assessment with a different name, save it in a different directory, or both.
that was scanned (or the project or file that the application contains) must be registered before the publish action can be completed. If the application has not been registered, you will be
valid values before you can publish assessments to the Enterprise Console.
• Save (command+S): This action is available in these circumstances:
– An application's properties have been modified in the Properties view.
– A project's properties have been modified in the Properties view.
– A file that is open in the internal editor has been modified.
Select this action to save these changes.
• Exit (command+Q): Exit AppScan Source for Analysis.
Edit menu
This menu offers standard modification and search/replace controls, and is also used for launching product preferences. Some Edit menu items are context-sensitive and depend on the active view and the currently selected item in that view.
Table 23. Edit menu
Menu item (keyboard shortcut): Description
• Cut (control+X): Copy and remove selected text. Use this action for text that is selected in the console, editor, or various text fields.
• Copy (control+C): Copy selected text to the clipboard. Use this action for text that is selected in the console, editor, or various text fields.
• Paste (control+V): Paste text that has been copied or cut. This action is typically used for duplicating information and reproducing it in another part of the product.
• Rename (F2): Rename the selected object. Objects that can be renamed include applications, projects, assessments, and bundles.
• Remove (Delete): Remove the selected object.
• Select All (command+A): Select the entire body of text. Use this action for text in the console, editor, or various text fields.
• Refresh (F5): Refresh the contents of a selected application, project, or view.
• Find (command+F): Search for text in the console or editor, or search for findings in a findings table.
• Find Next (F3): If the Find action was used to search for text in the console or editor, use this action to find the next instance of the text.
• Preferences: Opens the Preferences dialog box.
Scan menu
From the Scan menu, you manage scans of a selected application, project, or file.
Table 24. Scan menu
Menu item (keyboard shortcut): Description
• Scan All: Scan all applications. The scan runs with the default scan configuration.
• Scan Selection (F4): Scan the selected application, project, or file. The scan runs with the default scan configuration.
• Scan Again: Re-scan assessment targets. The last scan configuration that was used to scan the item (or selected items) is used again for the scan.
• Cancel Scan: Terminates the scan and does not produce any results.
• Stop Scan: Halts the scan and produces partial results.
• Build Configuration: The configuration defines the project build parameters. This menu item is disabled when it is not applicable.
Tools menu
This menu includes options for comparing assessments and generating reports, and for reviewing files or findings in an editor. Some Tools menu items are context-sensitive and depend on the active view and the currently selected item in that view.
Table 25. Tools menu
Menu item: Description
• Diff Assessments: Opens a dialog box that allows you to select two assessments to compare.
• Generate Findings Report: Generate a report of selected findings or bundle contents. A findings or bundle view must be selected when issuing this action. If no findings are selected in the view, the report contains all findings in the view.
• Generate Report: Generate a report that allows you to view all findings based on specific compliance requirements or guidelines.
• Open in Internal Editor: Open a file in the internal AppScan Source for Analysis editor. This action can be used for a selected finding and causes the file associated with the finding to open in the editor.
• Open in External Editor: Open a file using an external editor. This action can be used for a selected finding and causes the file associated with the finding to open in that editor.
Admin menu
The Admin menu provides actions that allow you to manage users and launch audit information.
Table 26. Admin menu
Menu item: Description
• Manage Users: Launches a dialog box that allows you to create and edit users and permissions. You must have AppScan Source administrative permissions to manage users.
• Audit: Launches a view that allows you to see audit information, such as authentication events.
Refer to the IBM Security AppScan Source Installation and Administration Guide for further details about administrative tasks.
View menu
The View menu controls the display of each view or selects an open view.
To learn more about the views that are available in AppScan Source for Analysis, see AppScan Source for Analysis Views.
Perspective menu
The Perspective menu controls the display of AppScan Source for Analysis perspectives, which are pre-configured collections of views and options.
Table 27. Perspective menu
Menu item (keyboard shortcut): Description
• Configuration (option+1): This perspective allows you to create and manage applications, projects, and attributes.
• Triage (option+2): This perspective allows you to view scan results to prioritize remediation workflow and separate real vulnerabilities from potential ones. It can be used to isolate the issues that you need to fix first.
• Analysis (option+3): This perspective allows you to drill down into individual findings and review source code, remediation advice, and AppScan Source trace information.
• Reset Perspective: Returns the currently displayed perspective to its default views and layouts.
Help menu
The Help menu includes actions that open a variety of tools that assist with product usage. These include the product welcome, online user assistance, and the AppScan Source Security Knowledgebase.
Table 28. Help menu
Menu item: Description
• Welcome: Opens the AppScan Source for Analysis Welcome view. This view offers quick links to a variety of help resources, including an X-Force RSS feed.
• Help Contents: Opens the AppScan Source for Analysis product user assistance.
• Security Knowledgebase: Opens the AppScan Source Security Knowledgebase. The Knowledgebase provides intelligence on each vulnerability, offering precise descriptions of the root cause, severity of risk, and actionable remediation advice.
• Logs: Opens the Logs view. Within the view, tabs allow you to select the log file to display.
• About IBM Security AppScan Source for Analysis: Opens a dialog box that provides product information about AppScan Source for Analysis.
Toolbars
Toolbars in the AppScan Source for Analysis workbench provide graphical shortcuts to commands. To identify a particular toolbar icon, pause the mouse briefly over the icon until hover help appears. The toolbar buttons represent frequently used operations (also found in the Main menu). Toolbar operations are context-dependent.
The main toolbar provides quick links to AppScan Source for Analysis perspectives. In addition, most views have toolbars that offer a quick way of launching common actions related to the view.
Hover help
Hover help is a form of context-sensitive help that displays in a small pop-up window when the mouse pointer is over an element of the interface. A brief description of the interface element is displayed in the pop-up window.
In addition to providing hover help for buttons and icons, AppScan Source for Analysis offers hover help in a variety of places, such as:
• In the Explorer view, hover help is available to indicate the file name and path of applications, projects, and files. Hover help also indicates whether an application or project is registered.
• In the Trace view, hovering over trace nodes in the graph provides information about the node.
• In the Filter Editor view Trace section, hovering over a trace entry provides details about it.
• In the Scan Configuration view Advanced Settings section, hover help is available for each setting.
• In the workbench status bar (located along the bottom of the workbench), hovering over the user icon launches hover help that identifies the logged-on user. Hovering over the server icon launches hover help that indicates the Enterprise Server that AppScan Source for Analysis is connected to.
Status bar
The status bar, located along the bottom of the workbench, displays informational messages that identify the current action, such as a scan.
For example, during a scan, the status bar might display Scanning <Project name> with a progress indicator. In addition, the current stage of the scan is displayed, for example, Preparing for Vulnerability Analysis: 99%. After the scan is complete, the elapsed time is displayed in the status bar.
The status bar also includes information about the current user and server connection. Hovering over the user icon launches hover help that identifies the logged-on user. Hovering over the server icon launches hover help that indicates the Enterprise Server that AppScan Source for Analysis is connected to.