Sample data for the integration between HCL Security AppScan Tester Edition and Engineering Test Management
When you run the Default Settings wizard as you set up HCL Security AppScan Tester Edition, you can populate the HCL Security AppScan database with sample data, such as scan templates, server groups that are based on the servers and IP addresses listed in your HCL Security AppScan Tester Edition license, and test policies for running security tests.
If necessary, you can edit the data later in HCL Security AppScan Tester Edition. You can also populate the database with sample data that is specific to Engineering Test Management so that you can get started quickly. You can get an overall sense of how to set up your own test plans and test scripts to scan your environment for security vulnerabilities.
Sample HCL Security AppScan Tester Edition data
- Scan templates
- A scan template defines the type of scan to run and the reports to generate.
- Server groups
- A server group is a group of items that can be tested as a unit; the same security tests are applied to all the servers in the group. A server group can be any combination of domains, URLs, and IP addresses.
- Test policies
- A test policy is a predefined set of security tests. A policy includes testing configuration information, such as threat classes, noninvasive and invasive tests, and port listener tests.
Sample Engineering Test Management data
- Test plan
- A sample security testing test plan, Altoro Mutual Test Plan, is based on the Web Application Security Test Plan template. You can use the template to create your own security test plan.
- Test cases
- The Default Settings wizard automatically creates three test cases for
testing web applications. The test cases can be edited as needed in Engineering Test Management:
- Ensure that users can transfer funds between accounts
- Ensure that the login process works as expected
- Ensure that no security vulnerabilities exist
- Test scripts
- The Default Settings wizard automatically creates several test scripts for
testing web applications:
- Transfer a small amount between accounts (manual test script)
- Transfer a large amount between accounts (manual test script)
- Ensure that users cannot transfer more money than is available (manual test script)
- Complete a basic scan of Altoro Mutual (automated test script)
- Log in as Administrator (manual test script)
- Log in as John Smith (manual test script)