As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

AppScan on Cloud (ASoC) Remote Provider

Owned by Hector Ruiz (Unlicensed)
Last updated: Apr 26, 2022 by Daniel ColonVersion comment
2 min read

You will learn

How to fetch applications and scans, how scan dates are organized, and configuring certificates.

Prerequisites

Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 5 minutes
Tools required: N/A

For general information & instructions on the use of Remote Providers within ThreadFix, please refer to this page's parent page: Remote Providers. For information on REST API functionality for Remote Providers, please refer to the following: Remote Providers API.

Introduction

HCL AppScan on Cloud (ASoC) is a cloud app security offering that helps secure your organization’s Web, cloud, mobile, and other applications.

Login:

/api/V2/Account/ApiKeyLogin

Logout:

/api/V2/Account/Logout

Get Applications

ThreadFix uses this endpoint to pull applications from the ASoC instance and paginates this request.

/api/V2/Apps

Get Scan:

 

Get Reports:

Check Report Status:

Download Report:

  • Returns issues from ASoC based on query parameters

  • ThreadFix uses this to pull the Scanner, Status, DateCreated, LastUpdated, issueTypeId, Severity, Id, Path, SourceFile, IssueType, Cwe, and Element values, if present, for each finding from all new, open and reopened issues for the specified application.

  • ThreadFix paginates this request

Scan Dates

ThreadFix organizes the results from the issues endpoint by rounding down their Datecreated value to midnight and creating scans for each unique date.

Caveat: If one or more issues have a LastUpdated value, the newest of these values will be used when setting the scan's Scan Date.

Since these scans are dynamically created by ThreadFix, there is currently no distinction between the Scan Date and the Updated Date.

As of 2.8.6:

  • When importing from ASoC, ThreadFix will use the date/time a scan finished as the Scan Date

  • The most recent Last Updated date/time for the associated issues will be used as the scan’s Updated Date

  • In the scenario where an Application has no scans, but has issues, the Last Updated date/time will be used for both the Scan Date and Updated Date


Parsing Vulnerabilities

The JSON returned by ASE's issues endpoint maps directly to these ThreadFix Finding Mappings:

  • Native Id - Id

  • Vulnerability code - issueTypeId (if exists; otherwise issueType)

  • Severity code - Severity

  • Path - Path

  • Parameter - Element



www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.