The AppScan on Cloud web experience has several great improvements that not only bring a clean consistent interface across different areas of the service, but more importantly, provide better visability, ease of use and new developer centric advisories with sample code to remediate.
We’ve introduced a new collapsible side menu, which allows easy navigation from any page. Throughout the experience, users see new grids (tables) of information, that allow them to add or remove columns to suit their preferences. Each viewable column is also sortable including the Applications list and issues view.
Users can now navigate between all the different views using breadcrumbs at the top of the page and can share the link directly to a page with any authorized user. For example, you could send the link directly to a particular issue via email or chat to another team member.
The single application page now provides a dashboard that gives you loads of information at a glance, from current risk rating, to scanning status, to issues and common issue types. See recent scans, or comments team members have made, and go directly to the issue to take action.
The dashboard graphs allow for easily drilling down to the underlying data. The familiar all issues, fix groups, scans and IAST tabs have been replaced with links at the top of the dashboard.
The create scan wizards have been updated including adding a new flow for creation of a DAST scan using an uploaded configuration. The scan wizards and report wizards have all been organized to simplify information that is similar across different types.
Policies management has been redesigned to provide greater visibility and make it easier to create custom policies and associate policies with different applications. AppScan on Cloud now includes additional industry and regulatory policies that can be used to monitor the compliance of your applications.
The baseline policy has been moved to the applications page, to allow teams to easily set or update the baseline as needed for that application. If you are not using baseline policies to help manage your triage, you may want to consider it.
In addition to these highlights, we have also enhanced the details view of issues, to allow users to review issue information in a right-side pane that remains open as they move through their list of issues. The advisory and remediation content is all new and developer centric. Also, a single section on “How to Fix” now includes all information that a developer may need, and there is also the option to see information and sample code is different programming languages.
The best news is that these new user experiences will continue to improve each month.
And as always, the HCL AppScan team would love to get your feedback and ideas.
You can also watch a short preview of the new UX here.