The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.
For a list of other such plugins, see the Pipeline Steps Reference page.
step([$class: 'AppScanStandardBuilder'])
: Run AppScan StandardstartingURL
Spiders will find the remaining URLs in the domain to be included for scanning.
String
installation
String
additionalCommands
(optional)
AppScanCMD exec|ex|e Parameters: [ /dest_scan|/dest|/d ] [ /base_scan|/base|/b ] [ /old_host|/ohost|/oh ] [ /new_host|/nhost|/nh ] [ /scan_template|/stemplate|/st ] [ /login_file|/lfile|/lf ] [ /multi_step_file|/mstepfile|/mf ] [ /manual_explore_file|/mexplorefile|/mef ] [ /policy_file|/pfile|/pf ] [ /additional_domains|/adomains|/ad ] [ /report_file|/rf ] [ /report_type|/rt {xml} ] [ /min_severity|/msev {informational} ] [ /test_type|/tt ] [ /report_template|/rtemplate|/rtm {CliDefault} ] Flags: [ /verbose|/v {false} ] [ /scan_log|/sl {false} ] [ /explore_only|/eo {false} ] [ /test_only|/to {false} ] [ /multi_step|/mstep|/ms {false} ] [ /continue|/c {false} ] [ /merge_manual_explore_requests|/mmer {false} ] [ /include_responses|/ir {false} ] [ /open_proxy|/oprxy|/opr /listening_port|/lport|/lp ] Creates new scan with base_scan's configuration saving dest_scan and creating report, if configured. AppScanCMD report|rep|r Parametrs: /base_scan|/base|/b /report_file|/rf /report_type|/rt [ /min_severity|/msev {informational} ] [ /test_type|/tt ] [ /report_template|/rtemplate|/rtm {CliDefault} ] Flags: [ /verbose|/v {false} ] Creates a report for base_scan. AppScanCMD close_proxy|cprxy|cpr Closes AppScan proxy if was previously opened. More info. at: (9.0.3.2 User Guide) CLI - Chapter 15 - CLI - Page 315 http://www-01.ibm.com/support/docview.wss?uid=swg27048015#2
String
authScan
(optional)
If the website contains private information accessed only by logging in this option should be checked and credentials provided to increase dynamic security coverage.
boolean
authScanPw
(optional)
Providing an account with higher authorization (such as Administrator) will increase the attack surface and therefore the scan coverage.
String
authScanRadio
(optional)
A login sequence may be recorded using AppScan Standard's GUI by following these steps:
"Scan" > "Scan Configuration" > "Login Management" > "Record" > [ record your login...] > "I am logged in to the site" > "Details" (Tab) > "Export" (small icon on the right side).
Check "Form Based Authentication" if you do not have a recorded login sequence, this option will require an user name and password combination and is not guaranteed to work for all scenarios.
boolean
authScanUser
(optional)
Providing an account with higher authorization (such as Administrator) will increase the attack surface and therefore the scan coverage.
String
generateReport
(optional)
The report is available in HTML and PDF.
The HTML report generated is ready to be integrated with the HTML Publisher Plugin.
boolean
htmlReport
(optional)
boolean
includeURLS
(optional)
Some URLs might not be found by AppScan Standard's spiders, include them to get the best possible coverage.
String
pathRecordedLoginSequence
(optional)
String
pdfReport
(optional)
boolean
policyFile
(optional)
A Test Policy File can be created following these steps:
"Scan" > "Scan Configuration" > "Test Policy" > "Export".
String
reportName
(optional)
To configure HTML Publisher Plugin properly, the names in the configuration must match.
String
verbose
(optional)
boolean
Please submit your feedback about this page through this quick form.
Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?
See existing feedback here.