
HCL AppScan

PlexTrac supports importing XML files from HCL AppScan. HCL AppScan is a web application security testing tool that combines dynamic application security testing (DAST) and static application security testing (SAST) techniques to identify and address security vulnerabilities in web applications before they are deployed.
Below are the field mappings, with reference notes for context. If a field is not listed, PlexTrac does not currently import it.

Finding Field Mappings

| PlexTrac Field | HCL Path |
| --- | --- |
| title | 1. Get the issue types: issue-group/item/advisory/ref; 2. Get the data being imported: advisory-group/item/advisory/name |
| severity | issue-group/item/severity |
| references | 1. Get the issue types: issue-group/item/advisory/ref; 2. Get the data being imported: advisory-group/item/advisory/references |
| recommendations | 1. Get the issue types: issue-group/item/remediation/ref; 2. Get the data being imported: remediation-group/item/name |
| description | 1. Get the issue types: issue-group/item/advisory/ref; 2. Get the actual data being imported. All items are a concatenation of multiple fields: advisory-group/item/advisory/testDescription plus advisory-group/item/advisory/testTechnicalDescription/text |
| evidence | issue-group/item/variant-group/item/issue-information/testReportChunk |
| field: <cwe> | |
| label: cwe | |
| value | issue-group/item/cwe |
| scores: <cvss> | |
| label: cvss | |
| value | issue-group/item/cvss-score |
| calculation | issue-group/item/cvss-vector/base-vector |

Asset Field Mappings

| PlexTrac Field | HCL Path |
| --- | --- |
| asset | 1. Get the entity id: issue-group/item/entity/ref; 2. Get the data being imported: entity-group/item id=(match from above)/name |
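The two-step lookups in both tables (read a ref on the issue, then resolve it in the matching group) can be sketched as follows. This is an added example, not PlexTrac's importer code; the `report` root element, the use of the `id` attribute as the join key for every group (the page shows it only for entity-group), and all sample values are assumptions.

```python
import xml.etree.ElementTree as ET  # defusedxml.ElementTree is a hardened alternative
# Constructed sample. Element names follow the paths in the tables above; using
# the id attribute as the join key for every *-group is an assumption.
SAMPLE = """<report>
 <issue-group>
  <item id="i1"><severity>High</severity><cwe>79</cwe>
   <advisory><ref>adv1</ref></advisory>
   <remediation><ref>fix1</ref></remediation>
   <entity><ref>ent1</ref></entity></item>
  <item id="i2"><severity>Low</severity><advisory><ref>missing</ref></advisory>
   <entity><ref>ent1</ref></entity></item>
 </issue-group>
 <advisory-group><item id="adv1"><advisory>
   <name>Example advisory</name>
   <testDescription>Short. </testDescription>
   <testTechnicalDescription><text>Long.</text></testTechnicalDescription>
 </advisory></item></advisory-group>
 <remediation-group><item id="fix1"><name>Example fix</name></item></remediation-group>
 <entity-group><item id="ent1"><name>https://app.example/</name></item></entity-group>
</report>"""

def index(root, group):
    """Map item id -> item element for one *-group section."""
    return {i.get("id"): i for i in root.findall(f"{group}/item") if i.get("id")}

def text(element, path):
    """Text at path, or "" when the ref did not resolve or the node is absent."""
    return (element.findtext(path) or "") if element is not None else ""

def parse_findings(xml_text):
    root = ET.fromstring(xml_text)
    adv_by_id, fix_by_id, ent_by_id = (
        index(root, g + "-group") for g in ("advisory", "remediation", "entity"))
    findings = []
    for issue in root.findall("issue-group/item"):
        # Step 1: read the ref on the issue. Step 2: resolve it in its group.
        adv = adv_by_id.get(issue.findtext("advisory/ref"))
        fix = fix_by_id.get(issue.findtext("remediation/ref"))
        ent = ent_by_id.get(issue.findtext("entity/ref"))
        findings.append({
            "title": text(adv, "advisory/name"),
            "severity": text(issue, "severity"),
            "description": text(adv, "advisory/testDescription")
                           + text(adv, "advisory/testTechnicalDescription/text"),
            "recommendations": text(fix, "name"),
            "asset": text(ent, "name"),
            "cwe": text(issue, "cwe"),
        })
    return findings
```

The second constructed issue carries an advisory ref with no matching item, so its title and description resolve to empty strings; checking for such empty fields after an import is a quick way to spot a truncated or partial export.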
© 2023 PlexTrac, Inc. All rights reserved.