start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
Close
Select Page

In the fast-paced world of software development, staying ahead means constantly evolving to meet new challenges. That’s why HCL AppScan is  thrilled to introduce two new plugins designed to enhance your development process and strengthen your security posture. Seamlessly integrating into your existing workflows, these plugins empower your team to work more efficiently while keeping security front and center.

The HCL AppScan Maven and Gradle plugins are tailored to integrate with the tools developers use daily, offering seamless security scans that align perfectly with your workflow. Whether you're building Java applications with Maven or managing complex project dependencies with Gradle, these plugins ensure that security becomes an integral part of your development pipeline.

Both plugins are available on HCL AppScan on Cloud and HCL AppScan 360º, featuring rich releases that can significantly enhance your application security.

HCL AppScan Maven Plugin

The HCL AppScan Maven plugin is crafted to integrate smoothly with Maven-based projects, enabling developers to easily incorporate security testing into their build processes. As a widely used build automation tool in the Java ecosystem, Maven benefits from this integration by including security checks in its standard build lifecycle.

Key Features

1. Seamless Integration: The plugin can be easily incorporated into your Maven project with minimal configuration, simplifying the setup and usage process.

2. Automated Scanning: It automatically scans your code for vulnerabilities during the build process, offering immediate feedback on potential issues.

3. Customizable: The scanning parameters can be tailored to meet the specific needs of your project.

Getting Started

  • Refer here for the prerequisites to use the plugin.
  • Refer this link for instructions on how to use the plugin.
  • These are the configurable options available in the plugin.

Once the plugin is added, you can run your Maven build as usual. The AppScan plugin will automatically execute a security scan and generate a report in AppScan on Cloud (or AppScan 360˚).

HCL AppScan Gradle Plugin

The HCL AppScan Gradle plugin offers comparable features for projects utilizing Gradle as their build automation tool. Renowned for its flexibility, Gradle is extensively adopted in contemporary software development. By integrating HCL AppScan with Gradle, security becomes an integral aspect of your build process.

Key Features

1. Seamless Integration: Easily integrates with your Gradle build scripts, making security testing a natural part of your development workflow.

2. Automated Security Checks: Automatically scans your codebase for vulnerabilities during the build process, providing timely feedback.

3. Configurable: Offers configurable scanning options to match your project's requirements.

Getting Started

  • Refer here for the prerequisites to use the plugin.
  • Refer this link for usage of the plugin.
  • These are the configurable options.

With this configuration, the AppScan plugin will run after the project build task, ensuring that your code is scanned for vulnerabilities as part of the build process.

Benefits of Integrating with HCL AppScan

  1. AI-enabled Time Savings: Using these plugins, you can benefit from HCL AppScan’s proven AI/machine learning capabilities like Intelligent Finding Analytics (IFA) for reducing false positives, and Intelligent Code Analytics (ICA) for automatically widening scan coverage
  2. Actionable Insights: HCL AppScan provides comprehensive, detailed security test reports that contain scan issues along with remediation guidance for the issues reported. You can view the sample reports here and generate different report formats including html, pdf, xml, and csv.
  3. Early Detection: By integrating security testing into your build process, you can catch vulnerabilities early, reducing the cost and effort required to fix them.
  4. Continuous Security: Ensure security checks are performed consistently, making it harder for vulnerabilities to slip through the cracks.
  5. Improved Code Quality: Regular security scanning can lead to improved code quality as developers become more aware of potential security issues.
  6. Compliance: Helps in meeting compliance requirements by ensuring that your codebase is regularly scanned and secured.

Integrating security testing into your CI/CD pipelines is vital for maintaining the security and integrity of your applications. The HCL AppScan Maven plugin and the HCL AppScan Gradle plugin provide robust tools to automate security checks and ensure that your code is secure from the beginning. By incorporating these plugins into your build processes, you can boost your application's security posture and release software with confidence.

This integration is a part of an extensive list of marketplace-based collaborations with high-demand tools including Visual Studio, Jenkins, GitHub, GitLab and more (see full list here).

Get more information on all HCL AppScan application security testing solutions here. 

Not yet a customer of HCL AppScan on Cloud or AppScan 360? Click here for a free trial of Application Security on Cloud to use with the above build plugins or contact us to start your own HCL AppScan 360º journey today!

Comment wrap

Start a Conversation with Us

We’re here to help you find the right solutions and support you in achieving your business goals.

  |  December 23, 2024
Transforming Application Security Testing with Developer-Centric DAST
Empower developers to find and fix vulnerabilities early with developer-centric DAST. Learn how this approach can improve your application security testing.
  |  December 12, 2024
Building Resilient Applications with AST and ASPM: A Dual Defense Strategy
Learn how Application Security Testing (AST) and Application Security Posture Management (ASPM) work together to secure your applications in the Digital+ world. Download HCLSoftware's free eGuide to get started.
  |  December 5, 2024
How Cryptocurrency and Blockchain are Reshaping Supply Chain Security
Discover how cryptocurrency and blockchain enhance supply chain security with tamper-proof ledgers, instant payments, and smart contracts. Improve efficiency and trust.