Filters

Search Results ()

Search Results ()

    All Plugins (148)

    Quick Info

    Product
    HCL Launch
    Type
    plugin
    Compatibility
    HCL Launch version 7.1.0 or later
    Created by
    HCL Software
    Website
    Published Date
    March 9th, 2021
    Last Updated
    August 10th, 2022

    What’s New?

    The plugin supports App scan server version 10 or higher .

    Description

    HCL AppScan Enterprise enables organizations to mitigate application security risk and achieve regulatory compliance. This plugin includes steps to run AppScan Enterprise scans and retrieve scan results in HCL Launch processes.

    Quick Info

    Product
    HCL Launch
    Type
    plugin
    Compatibility
    HCL Launch version 7.1.0 or later
    Created by
    HCL Software
    Website
    Published Date
    March 9th, 2021
    Last Updated
    August 10th, 2022

    launch-appscan-15.1135024.zip

    Uploaded: 15-Jul-2022 11:39

    launch-appscan-14.1105371.zip

    Uploaded: 21-Apr-2021 09:27

    launch-appscan-14.1101790.zip

    Uploaded: 12-Mar-2021 12:47

    Summary

    The HCL AppScan Enterprise plugin for HCL Launch includes steps that run security scans and retrieve reports.

    This plugin includes one or more steps, click Steps for step details and properties.

    Compatibility

    This plugin requires HCL Launch version 7.1.0 or later and App scan server version 10 or higher.

    Installation

    See Installing plugins in HCL Launch for installing and removing plugins.

    History

    The following table describes the changes made in each plugin version.

    Plugin history details
    Version Description
    17
    • Create Scan and Retrieve Report Steps bug fixed.
    15
    • Plugin supports version App scan server version 10 or higher.
    • Added new login methods for target application in Configuring step (Automatic or None).
    14
    • Added beta feature of AppScans Webhook configuration.
    • Added Delete Folder Item step to enable the deletion of a Scan or Report.

    Usage

    Step palette

    To access this plugin in the palette, lick Security > AppScan Enterprise.

    Steps

    Step palette

    To access this plugin in the palette, lick Security > AppScan Enterprise.

    ————–Steps ————–
    The following process steps are available in the AppScan plugin.

    Configure Job Options

    Configure scan job options.

    Input properties for the Configure Job Options step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    HTTP Authentication Enumeration Check this field to enable Basic/NTLM authentication. Values are default, true, false, and ${p?:component/appscan.httpAuth}. No
    HTTP Password Password No
    HTTP User String No
    Password Password Password to log into ASE. Yes
    Recorded Traffic .htd File * String Under development No
    Scan FIID String FIID of the scan to configure. This is found in the scans URL. Yes
    Scan Limit String No
    Scan Site Password Password Password to use when logging into the site. Input here will overwrite the password if there is already one set in the scan. No
    Scan Site User String User to log into the site as. Input here will overwrite the username if there is already one set in the scan. No
    Set Automatic Login Enumeration Set to true to automatically login with the given Scan Site User and Scan Site Password. Values are default, true, false, and ${p?:component/appscan.setAuto}. No
    Site URL String URL of site to scan. If there is already at least one starting URL associated with the scan, input here will add to the list of URLs. No
    User String Username to log into ASE. Yes

    Create Scan

    Create an AppScan security scan.

    Input properties for the Create Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Application ID String The application ID. Used to associate the job with an application. No
    Folder ID String ID of the specific folder in which to create the scan and report pack. If this is left blank, the scan and report pack will be created in the root folder. No
    Password Password Password to log into ASE. Yes
    Scan Description String The description to give to the newly created scan. Yes
    Scan Name String The name to give to the newly created scan. Yes
    Template Name String Name of the template to use to create the scan and report pack. Must be a valid template that you have access to in the Templates directory or any of its subfolders. Yes
    User String Username to log into ASE. Yes

    Delete Folder Item

    Delete a folder item, such as a Scan or Report, from the AppScan Scans view.

    Input properties for the Delete Folder Item step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Folder Item FIID String Specify a Folder Item FIID to delete. Example: Scan or Folder FIID. Yes
    Password Password Password to log into ASE. Yes
    User String Username to log into ASE. Yes

    List Templates

    Retrieve and print a list of available job templates.

    Input properties for the List Templates step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    User String Username to log into ASE. Yes

    Retrieve PDF Report

    Retrieve report from AppScan Enterprise. Reports are saved as a PDF file named AppScanReportOutput-[date]-[time].zip

    Input properties for the Retrieve PDF Report step
    Name Type Description Required
    AppScan Enterprise Port String AppScan Enterprise Port number. Yes
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Application ID String ID of the application report to retrieve. Yes
    File Path String Path of file to write report info to. For example, C:/reports/ Yes
    Password Password Password to log into ASE. Yes
    Scan Name String The name of the scan within the application. The format is {scanName} ({scanFIID}). For example, Test Scan (171). No
    User String Username to log into ASE. Yes

    Retrieve Report

    Retrieve report pack summary and specific report information from AppScan Enterprise. Reports are saved as a xml files named [reportFIID]-Summary.xml and [reportFIID]-[reportName].xml

    Input properties for the Retrieve Report step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Report Destination String Folder path to save the report file. Default location is the working directory. Example: C:/reports/. The full file path will be saved as an output property. No
    Report FIID String FIID of the report pack to retrieve. This is found in the reports URL. Yes
    Report Name String The name of the report within the report pack to retrieve the issue counts. If empty, then no report counts are retrieved. No
    User String Username to log into ASE. Yes

    Run Scan

    Run an AppScan security scan.

    Input properties for the Run Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Reports FIID String FIID of the report pack associated with the scan. If not given, step may finish before waiting for report pack to complete. This is found in the reports URL. No
    Retries String The number of times to retry running the scan, in case of failure. No
    Scan FIID String FIID of the scan to run. This is found in the scans URL. Yes
    Timeout String Timeout, in minutes, at which the step fails if the scan is not yet complete. Minimum is 5 minutes. No
    User String Username to log into ASE. Yes

    Wait for Scan

    Wait for an AppScan Scan to complete.

    Input properties for the Wait for Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Scan FIID String FIID of the scan to wait for. This is found in the scan URL. Yes
    Timeout String Timeout, in minutes, at which the step fails if the scan is not yet complete. Leave empty to wait indefinitely. No
    User String The user name for connecting to ASE. Yes