IBM Security AppScan Source

Version: 1

IBM® Security AppScan® Source helps organizations lower costs and reduce risk exposure by identifying web-based and mobile application source code vulnerabilities early in the software development lifecycle, so they can be fixed before deployment.

IBM Security AppScan Source integrates application security testing into your software development lifecycle. It offers enhanced mobile application scanning capabilities and supports testing for mobile web, native and hybrid applications, which includes support for JavaScript, HTML5, Cordova, Java and Objective-C. IBM Security AppScan Source also provides integration with IBM Worklight® Studio and the ability to scan Worklight applications.

IBM Security AppScan Source can enable:

  • Stronger and more cost-effective software security through source code analysis.
  • Improved intelligence through integration with existing tools and processes such as application development, build integration and security monitoring.
  • Security best practices through centralized management and enforcement of security policies.
  • Reporting, governance and compliance capabilities that facilitate communication of security status and issues.

Available Steps

Scan / Upload Scan a project and upload the results. This step can generate .paf and .ppf files. Scan results are loaded into IBM UrbanCode Build as a source analytics report on the build life.

Run Script Run an IBM Security AppScan Source script with the AppScanSrcCli command.

Report Results Upload scan report results to IBM UrbanCode Build.