Filters

CLEAR ALL

Search Results ()

Filter Icon

Search Results ()

    All Plugins (171)

    Filter Icon

    Quick Info

    Product icon
    Product
    DevOps Deploy (HCL Launch)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    HCL Launch version 7.1.0 or later
    created by icon
    Created by
    HCL Software
    Website icon
    Website
    Published Date
    March 9th, 2021
    Last Updated
    March 13th, 2024

    What’s New?

    The plugin supports App scan server version 10 or higher .

    Description

    HCL AppScan Enterprise enables organizations to mitigate application security risk and achieve regulatory compliance. This plugin includes steps to run AppScan Enterprise scans and retrieve scan results in HCL Launch processes.

    Quick Info

    Product icon
    Product
    DevOps Deploy (HCL Launch)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    HCL Launch version 7.1.0 or later
    created by icon
    Created by
    HCL Software
    Website icon
    Website
    Published Date
    March 9th, 2021
    Last Updated
    March 13th, 2024

    launch-appscan-26.1166855.zip

    Uploaded: 13-Mar-2024 06:43

    Release Notes

  • Modified timeout Logic for Retrieve PDF report.
  • launch-appscan-25.1166389.zip

    Uploaded: 28-Feb-2024 13:26

    Release Notes

  • Added property ScanType for the Configure Job options step.
  • Modified timeout Logic for Retrieve report and Wait for scan steps.
  • launch-appscan-24.1161014.zip

    Uploaded: 07-Sep-2023 07:37

    Release Notes

  • Updated the plugin to use the new appscan Rest API to retrieve report summary file as a json file.
  • launch-appscan-23.1161004.zip

    Uploaded: 07-Sep-2023 05:01

    Release Notes

      Fixed plugin code for retrieving report summary file in xml format.

    launch-appscan-22.1159870.zip

    Uploaded: 24-Aug-2023 06:47

    Release Notes

  • Added Test policy Id as an input property to Create scan step.
  • Fixed defect KB0106648 to update correct testpolicyId while creating a scan.
  • launch-appscan-21.1143722.zip

    Uploaded: 07-Nov-2022 12:09

    Release Notes

  • Added Site Url feature.
  • Added Automated Scan Name feature.
  • launch-appscan-20.1141151.zip

    Uploaded: 14-Sep-2022 11:37

    Release Note

    Added PDF file type feature.

    launch-appscan-20.1141119.zip

    Uploaded: 12-Sep-2022 11:43

    launch-appscan-19.1140926.zip

    Uploaded: 07-Sep-2022 10:19

    Release Note

    Minor enhancements.

    launch-appscan-18.1140668.zip

    Uploaded: 29-Aug-2022 08:16

    Release Note

    Added Traffic file in Configuration Step.

    launch-appscan-17.1139541.zip

    Uploaded: 10-Aug-2022 06:56

    Release Notes

  • Create scan folder ID fix.
  • Retrieve Report fix.
  • launch-appscan-16.1139034.zip

    Uploaded: 10-Aug-2022 06:42

    Release Note

    Error logs fixed.

    launch-appscan-16.1138002.zip

    Uploaded: 20-Jul-2022 09:45

    Release Note

    Error logs fixed.

    launch-appscan-15.1135024.zip

    Uploaded: 15-Jul-2022 11:39

    Release Notes

  • Upgraded all steps with latest APIs.
  • Plugin is now compatible with new App scan server.
  • launch-appscan-14.1105371.zip

    Uploaded: 21-Apr-2021 09:27

    Release Notes

  • Added beta feature of AppScans Webhook configuration.
  • Added Delete Folder Item step to enable the deletion of a Scan or Report.
  • launch-appscan-14.1101790.zip

    Uploaded: 12-Mar-2021 12:47

    Summary

    The HCL AppScan Enterprise plugin for HCL Launch includes steps that run security scans and retrieve reports.

    This plugin includes one or more steps, click Steps for step details and properties.

    Compatibility

    This plugin requires HCL Launch version 7.1.0 or later and App scan server version 10 or higher.

    Installation

    See Installing plugins in HCL Launch for installing and removing plugins.

    History

    The following table describes the changes made in each plugin version.

    Plugin history details
    Version Description
    26
    • Modified timeout Logic for Retrieve PDF report.
    25
    • Added property ScanType for the Configure Job Options step.
    • Modified timeout Logic for Retrieve report and Wait for scan step.
    24
    • Modified code to generate the report summary file as a json instead of xml as Appscan’s Rest API to that gives proper xml response is deprecated.
    23
    • Fixed plugin code for retrieving report summary file in xml format.
    22
    • Added Test policy Id as an input property to Create scan step.
    • Fixed defect to update correct testpolicyId while creating a scan.
    18
    • Configuration Step – Added login file upload feature.
    • Configuration Step – Added traffic file upload feature.
    17
    • Create Scan and Retrieve Report Steps bug fixed.
    15
    • Plugin supports version App scan server version 10 or higher.
    • Added new login methods for target application in Configuring step (Automatic or None).
    14
    • Added beta feature of AppScans Webhook configuration.
    • Added Delete Folder Item step to enable the deletion of a Scan or Report.

    Usage

    Step palette

    To access this plugin in the palette, lick Security > AppScan Enterprise.

    Steps

    Step palette

    To access this plugin in the palette, lick Security > AppScan Enterprise.

    ————–Steps ————–
    The following process steps are available in the AppScan plugin.

    Configure Job Options

    Configure scan job options.

    Site URLStringURL of site to scan. If there is already at least one starting URL associated with the scan, input here will add to the list of URLs.No

    Input properties for the Configure Job Options step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    HTTP Authentication Enumeration Check this field to enable Basic/NTLM authentication. Values are default, true, false, and ${p?:component/appscan.httpAuth}. No
    HTTP Password Password No
    HTTP User String No
    Password Password Password to log into ASE. Yes
    Login .login File String Add path to Login (.login) file if login method is selected as “Manual File”. No
    Login Method Enumeration: None / Automatic / Manual File Select the login method. No
    Recorded Traffic .config File String Add path to Login .config file for uploading traffic data. No
    Scan Type Method Enumeration: Full Scan / Explore Only / Test Only Select the Scan Type. Default value is Full Scan. If record traffic file is provided, default value is Test Only. For Full Scan ID: 1, For Explore Only ID: 2, For Test Only ID: 3. No
    Scan FIID String FIID of the scan to configure. This is found in the scans URL. Yes
    Scan Limit String No
    Scan Site Password Password Password to use when logging into the site. Input here will overwrite the password if there is already one set in the scan. No
    Scan Site User String User to log into the site as. Input here will overwrite the username if there is already one set in the scan. No
    User String Username to log into ASE. Yes

    Create Scan

    Create an AppScan security scan.

    Input properties for the Create Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Application ID String The application ID. Used to associate the job with an application. No
    Automated Scan Name String lease select Yes for automated scan name.
    Folder ID String ID of the specific folder in which to create the scan and report pack. If this is left blank, the scan and report pack will be created in the root folder. No
    Password Password Password to log into ASE. Yes
    Scan Description String The description to give to the newly created scan. Yes
    Scan Name String The name to give to the newly created scan. Yes
    Template Name String Name of the template to use to create the scan and report pack. Must be a valid template that you have access to in the Templates directory or any of its subfolders. Yes
    Test Policy ID String The Test Policy ID. Used to associate the job with an application. No
    User String Username to log into ASE. Yes

    Delete Folder Item

    Delete a folder item, such as a Scan or Report, from the AppScan Scans view.

    Input properties for the Delete Folder Item step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Folder Item FIID String Specify a Folder Item FIID to delete. Example: Scan or Folder FIID. Yes
    Password Password Password to log into ASE. Yes
    User String Username to log into ASE. Yes

    List Templates

    Retrieve and print a list of available job templates.

    Input properties for the List Templates step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    User String Username to log into ASE. Yes

    Retrieve PDF Report

    Retrieve report from AppScan Enterprise. Reports are saved as a PDF file named AppScanReportOutput-[date]-[time].zip

    Input properties for the Retrieve PDF Report step
    Name Type Description Required
    AppScan Enterprise Port String AppScan Enterprise Port number. Yes
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Application ID String ID of the application report to retrieve. Yes
    File Path String Path of file to write report info to. For example, C:/reports/ Yes
    Password Password Password to log into ASE. Yes
    Scan Name String The name of the scan within the application. The format is {scanName} ({scanFIID}). For example, Test Scan (171). No
    User String Username to log into ASE. Yes

    Retrieve Report

    For Plugin v24 and above: Reports are saved as a json files named [reportFIID]-Summary.json.

    Upto Plugin v23:Retrieve report pack summary and specific report information from AppScan Enterprise. Reports are saved as a xml files named [reportFIID]-Summary.xml and [reportFIID]-[reportName].xml

    Input properties for the Retrieve Report step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Report Destination String Folder path to save the report file. Default location is the working directory. Example: C:/reports/. The full file path will be saved as an output property. No
    Report FIID String FIID of the report pack to retrieve. This is found in the reports URL. Yes
    Report Name String The name of the report within the report pack to retrieve the issue counts. If empty, then no report counts are retrieved. No
    User String Username to log into ASE. Yes

    Run Scan

    Run an AppScan security scan.

    Input properties for the Run Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL. For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Reports FIID String FIID of the report pack associated with the scan. If not given, step may finish before waiting for report pack to complete. This is found in the reports URL. No
    Retries String The number of times to retry running the scan, in case of failure. No
    Scan FIID String FIID of the scan to run. This is found in the scans URL. Yes
    Timeout String Timeout, in minutes, at which the step fails if the scan is not yet complete. Minimum is 5 minutes. No
    User String Username to log into ASE. Yes

    Wait for Scan

    Wait for an AppScan Scan to complete.

    Input properties for the Wait for Scan step
    Name Type Description Required
    AppScan Enterprise URL String AppScan Enterprise Control Center URL, For example, https://localhost/ Yes
    Password Password Password to log into ASE. Yes
    Scan FIID String FIID of the scan to wait for. This is found in the scan URL. Yes
    Timeout String Timeout, in minutes, at which the step will fail if the scan is not yet complete.
    By Default It will wait for 5 minutes.
    Large Value like 200000 recommended when the expected time is not known.
    No
    User String The user name for connecting to ASE. Yes