HCL AppScan detects and fixes security vulnerabilities in applications. It includes Dynamic Analysis (DAST) for testing live applications and APIs for vulnerabilities, and Static Analysis (SAST) for examining source code to find issues early in development. It also features Vulnerable Third-Party Component Detection to identify risks in third-party libraries.
Integration Method: API
Tables: Vulnerability Finding
Integration Capabilities
To connect DataBee and HCLAppScan for the purpose of building your organization hierarchy, DataBee connects to two API endpoints to retrieve scan details and issues.
This integration has been tested against HCLAppScan version v4.
HCL Appscan Configuration
In the HCLAppScan console, navigate to Tools > API.
Click the Generate button.
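Copy the Key ID and Key Secret. The Key Secret value represents your unique API_SECRET_KEY.
Note: You will not be able to view the Key Secret again after you complete this step. Ensure that you copy it before closing the notification, and keep it in a secrets manager or other protected store rather than in plain text, because the Key ID and Key Secret together are what the Token URL accepts to authenticate to the API.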
Document Reference: https://help.hcl-software.com/appscan/ASoC/appseccloud_rest_apis.html?hl=api
DataBee Configuration
To configure the Data Source, log in to the DataBee UI, navigate to the Data tab, and click Add New Data Source.
Search for HCL AppScan and click on it.
Click on the API Ingest option for collection method. Give the name of the Data Source and other relevant information as mentioned below.
Enter basic data source information and click Next
In the next dialog, enter the following:
Authorization Method: Token URL Auth
Key ID: Enter the Key ID saved from the previous step
Secret Key: Enter the Key Secret saved from the previous step
If the URL fields are not already filled in, use the following values:
API URL: https://<instance>/api/v4/Issues/Scans
API URL: https://<instance>/api/v4/Issues/Scan/<Id>
Token URL: https://<instance>/api/v4/Account/ApiKeyLogin
To get the base URL, go to the API key page of the AppScan on Cloud service for your datacenter:
North America datacenter users: https://cloud.appscan.com/main/apikey
Western Europe datacenter users: https://eu.cloud.appscan.com/main/apikey
Reference Events
Scans
{
"Items": [
{
"AppId": "71c399f4-9f71-43c6-808a-7760ed6cf11d",
"Id": "b91bc37a-74dd-4eed-9c82-456b4e0f84d6",
"Name": "DAST 2024-08-1 https://demo.testfire.net?mode=demo",
"Technology": "DynamicAnalyzer",
"IastAgentType": null,
"IastAgentStatus": "None",
"Url": "https://demo.testfire.net?mode=demo",
"AppName": "Test Application",
"TestOptimizationLevel": "Fast",
"NumberOfExecutions": 1,
"CreatedBy": {
"Id": "7cd9fb87-feb3-4ab4-acd6-54979675d94b",
"FirstName": "Dev ",
"LastName": "Parmar",
"UserName": "dev.parmar@crestdata.ai",
"Email": "dev.parmar@crestdata.ai"
},
"CreatedAt": "2024-08-01T05:27:56.5979609Z",
"LastModified": "2024-08-01T05:27:56.5979609Z",
"NextScheduledRun": null,
"LatestExecution": {
"Id": "27a4dce3-1eef-4ab3-92c4-40bbf973a24b",
"FileName": null,
"UserMessage": "Scanning for security issues. When done, you can view the results in the issues tab or generate a report.",
"NNewAppIssues": 101,
"NIssuesFound": 101,
"Status": "Ready",
"Progress": 0,
"ExecutionProgress": "Completed",
"CreatedBy": {
"Id": "7cd9fb87-feb3-4ab4-acd6-54979675d94b",
"FirstName": "Dev ",
"LastName": "Parmar",
"UserName": "dev.parmar@crestdata.ai",
"Email": "dev.parmar@crestdata.ai"
},
"CreatedAt": "2024-08-01T05:27:56.5979609Z",
"ScanEndTime": "2024-08-01T05:28:39.4074922Z",
"ExecutionDurationSec": 22,
"NNewAppCriticalIssues": 4,
"NCriticalIssues": 4,
"NNewAppHighIssues": 12,
"NHighIssues": 12,
"NNewAppMediumIssues": 69,
"NMediumIssues": 69,
"NNewAppLowIssues": 0,
"NLowIssues": 0,
"NNewAppInfoIssues": 16,
"NInfoIssues": 16,
"NOpenSourceLicenses": 0,
"NOpenSourcePackages": 0,
"HasLogs": false,
"IsScanFileAvailable": false,
"PredefinedMessageKey": "UserMessageInProgress",
"HandledByScanEnabler": false,
"IsPartial": false,
"IncrementalBaseJobId": null,
"IsIncrementalRetest": false,
"GitRepository": null,
"GitBranch": null
},
"Presence": null,
"RecurrenceRule": null,
"IsPersonal": false,
"RescanAllowed": false,
"ParsedFromUploadedFile": false,
"DeletedAllowed": true,
"RecurrenceEndDate": null,
"FullyAutomatic": false,
"EnableMailNotifications": false
}
]
}
Detailed Scan Info
{
"Items": [
{
"Id": "8e0c98de-c64f-ef11-991a-c14db4e8d4e5",
"Language": null,
"Severity": "Medium",
"Status": "Open",
"IssueType": "Unnecessary Http Response Headers found in the Application",
"Location": "Unavailable for free plan",
"DateCreated": "2024-08-01T05:28:32.6857998Z",
"LastUpdated": "2024-08-01T05:28:32.6858384Z",
"LastFound": "2024-08-01T05:28:32.6858715Z",
"CallingMethod": "Unavailable for free plan",
"IsNewInScope": true,
"LibraryName": "Unavailable for free plan",
"LibraryVersion": "Unavailable for free plan",
"ScaTechnology": "Unavailable for free plan",
"FGStatus": null,
"AsmHash": "-2066640879234596864",
"HashVersion": 1,
"ApplicationId": "71c399f4-9f71-43c6-808a-7760ed6cf11d",
"FixGroupId": null,
"Api": "Unavailable for free plan",
"Source": null,
"Context": null,
"AppscanVulnId": null,
"CallingLine": "0",
"Class": "Unavailable for free plan",
"Cve": null,
"CvePublishDate": null,
"DetailsUrl": null,
"Cvss": "5.3",
"CvssVersion": "Cvss31",
"DiscoveryMethod": "DAST",
"Domain": "demo.testfire.net",
"Element": "demo.testfire.net",
"ElementType": "Page",
"ExternalId": null,
"Host": "demo.testfire.net",
"IssueTypeId": "attUnnecessaryResponseHeaders",
"IssueTypeGuid": "6d0f1137-67f2-ea11-9b05-2818780a57a5",
"IssueXml": null,
"Line": "0",
"Package": "Unavailable for free plan",
"Path": "Unavailable for free plan",
"Port": 443,
"Scheme": "https",
"SeverityValue": 3,
"CorrelationGroupId": null,
"SourceFile": "Unavailable for free plan",
"LastComment": null,
"Scanner": "AppScan Dynamic Analyzer",
"ScanName": "DAST 2024-08-1 https://demo.testfire.net?mode=demo",
"Cwe": 200,
"ThreatClassId": "catInformationLeakage",
"DiffResult": "NoChange",
"ApiVulnName": null,
"RemediationId": null,
"SourceFileUri": null
}
]
}