Adding a new version to an application
To create a new version of an existing application:
Sign in as an Administrator or a Security Lead.
From the Applications view, select an application version, and then click + NEW VERSION.
The Application name and Application description boxes are populated with the name and description of the selected application.
On the GENERAL tab, under Version Setup, provide the information described in the following table.
Field Description Version name
Type a name for the version.
The version name must not start with the characters
=,-,+, or@, and must not include control characters. For a complete list of Unicode characters included in these restricted ranges, see Control characters in ASCII and Unicode.Version description
(Optional) Type a description of this version of the application.
Use existing application version
To use the settings of an existing application version, select this check box and do the following:
Click BROWSE.
Locate and select the application that has the settings you want to use for the new application.
You can type a string into the search box, and then click FIND to refine the list of applications.
The VERSIONS pane lists the active versions of the selected application. To display inactive versions, select the Show inactive check box.
From the VERSIONS list, select the check box for the version you want, and then click DONE.
By default, Application Security includes all settings of the selected application version.
To exclude one or more settings, clear the corresponding check boxes for the settings.
To copy over all of the issues and audits associated with the selected application version, select the Application state check box.
Only audits up to the latest application version metrics refresh are copied. To refresh the application metrics before you copy the application state, see Recalculating application metrics.
To proceed to the ATTRIBUTES settings, click NEXT.
On the TECHNICAL ATTRIBUTES tab, provide the information described in the following table.
Field Description Development Phase
From this list, select the current development phase of the new version.
Development Strategy
Select the strategy used to develop the new application version.
Accessibility
Select the value that specifies how the application is to be accessed.
Application Type
Select the application type.
Target Deployment Platform
Select the target deployment platform.
Interfaces
Select the check boxes for the interfaces available to access the application.
Development Languages
Select the check boxes for the languages used to develop the application version.
Authentication System
Select the check boxes for the authentication systems used to access the application.
This tab can also include technical attributes defined by your organization.
(Optional) Select the ORGANIZATION ATTRIBUTES tab, and then provide the information described in the following table.
Field Description Business Unit
Select the business unit for which the application version is being developed.
Industry
Select the industry sector to which the application version applies.
Region
Select the region for which the application version is being developed.
This tab can also include organization attributes defined by your organization.
(Optional) Select the BUSINESS RISK ATTRIBUTES tab, and then provide the information described in the following table.
Field Description Business Risk Select the value that best represents the risk this application version poses to your organization. Known Compliance Obligations
Select the check boxes for all of the known compliance obligations that the application version must meet.
Data Classification
Select the check boxes for all of the data classifications that apply to the application version.
Application Classification
Select the check boxes for all of the application classifications that apply to this application version.
This tab can also include business risk attributes defined by your organization.
If you are using OpenText ScanCentral DAST, click the SCANCENTRAL DAST ATTRIBUTES tab and then do the following:
- Enter the Base URL to set the prefix for all of the pages in your application.
This tab can also include OpenText ScanCentral DAST attributes defined by your organization.
To proceed to the POLICIES settings, click NEXT.
If the data retention policy is configured to allow application versions to opt-out of it, then you can opt-out of the policy for this application version. By default, all application versions are included in the default data retention policy. For more information about the data retention policy, see About data retention.
To opt-out of the data retention policy for this application version, from the Data Retention Policy to Follow list, select None (Opt-out of Default).
To proceed to the TEMPLATE settings, click NEXT.
Under Issue Template, select the check box for a template to set the minimum thresholds for issue detection.
To see a description of a template displayed in the pane to the right, select its check box. The default template is Prioritized High Risk Issue Template.
To proceed to the ACCESS settings, click NEXT.
To add users to the team for this application version, do one of the following:
A user in the Administrator role already has full access to all applications. You cannot assign an Administrator user to a team unless the user has also been assigned another role. This is true whether the Administrator is a local user or an LDAP user.
To assign a user from the Application Security database:
Select LOCAL.
Select the check boxes for the team member or members you want to assign.
To find a specific user, type a user name into the Search by user name box, and then click FIND.
To assign a user from the LDAP directory:
Click LDAP, and then, from the View By list, select the attribute to use to display LDAP entities.
Select the check boxes for the team member or members you want to assign.
To find a specific user, type a user name into the Search by user name box, and then click FIND.
Click SAVE.
The new application version is now displayed in the application versions list.
- Click CLOSE.
See Also