HCL AppScan Integration Adapter


AppScan on Cloud is a comprehensive cloud application security offering that helps secure your organization’s business and data. It detects dozens of today’s most pervasive security vulnerabilities from web to mobile to open source and enhances your application security. AppScan on Cloud helps you remediate vulnerabilities from applications before the applications are deployed into production. Convenient, detailed reporting permits you to effectively address application security risk, enabling application users to benefit from a more secure experience.

Kovair HCL AppScan Adapter

As organizations have become more aware of cybersecurity threats, and general security best practices have become well understood and well documented within the development process, organizations are incorporating cybersecurity principles and tools into DevOps pipelines and methodologies.

The Kovair Omnibus Adapter for HCL AppScan helps reduce organizational risks by rapidly identifying and remediating application vulnerabilities in every phase of the development cycle.

Features & Benefits

  • Monitor and track Plan, Jobs, DeploymentProject Execution from Jenkins into Kovair ALM.
  • Execute Deployment from Kovair ALM central platform.
  • View the status of Builds from Kovair ALM or other integrated tools that are connected through Omnibus.
  • Direct navigation to Bamboo Interface from Kovair ALM to give the end users a complete 360-degree view.
  • Single interface for all continuous delivery pipelines of Jenkins.

Why Integrate HCL AppScan with Kovair?

  • Application Monitoring: The integration between Kovair and HCL AppScan provides detailed, code-level information on security vulnerabilities during development as well as during the internal deployment process, at the early stage of production.
  • End-to-End Traceability: The adapter can pull Application, Issue and Scan related data from HCL AppScan and then sync it to the target application through Kovair Omnibus. As a result of the integration, data can be made visible to other teams through their tools of choice that are integrated with the Kovair platform.
  • In-depth Visibility: Gain in-depth visibility into security threats across all environments for all teams in real time, helping to improve overall application performance.

Exposed Entities
  • Application
  • Issue
  • Scan

Events Collected
  • Application
  • Issue
  • Scan

Actions Supported
  • Application
  • Scan

Use Case Example of Kovair Integration with HCL AppScan

Let us consider a typical use case scenario where the HCL AppScan tool is integrated with the Kovair application using the Kovair adapter for HCL AppScan and the Kovair Omnibus platform.

Use Case Scenarios with Kovair HCL AppScan
  • After a build is triggered in Jenkins, the source code is pulled from the source control repository (for example, GitHub or GitLab).
  • Following the build, the automatic deployment process begins (for example, in Ansible) on the staging server.
  • After the deployment is completed, automated script execution starts with the help of a Functional Test Automation tool such as Selenium.
  • AppScan comes in after the test execution step to run dynamic analysis. The monitored results are then synced to Kovair Omnibus.

 


Note: The adapter as developed and offered by Kovair follows the subject tool’s standard specifications. Any deviations from the Tool’s typical use pattern may not have been anticipated in our off-the-shelf product. For any customization or special configuration needs, please contact Kovair Sales – sales@kovair.com
