Creating a new scan from a template file

You can upload your own AppScan Standard template (SCANT) file to run an AppScan 360° scan.

Before you begin

Backup your site before scanning.
If you have not yet done so, Create an application for your scans.
If scanning a live production site, refer first to What changes should I make when scanning a live production site?

Procedure

On the specific Application page, click Create scan, then click Create scan under DAST Dynamic Analysis to open the wizard.
Select From template.
Upload file:
Drag and drop the template (SCANT) file into the dialog, or click to select the file.

The file is opened and the starting URL from the configuration is filled in the URL field.
If your file includes only configuration data (no explore data), you can only run a full scan. If your file includes multistep operations configured, you are given the options of running the Test stage only, or a full scan (Explore and Test stages):
- Start full scan: Runs a full scan using the current configuration.
- Run test only: Runs the Test stage only using the configuration and based on the multistep operations.

Explore:


Setting	Options
Upload recording	Upload one or more `DAST.CONFIG` or `.EXD` traffic files. For details of how to record these, see Recording traffic.
File settings	If you need the requests in your traffic file to be sent in the exact order you recorded them, activate Multistep. This method significantly increases the duration of the scan, so only use it if necessary. To understand the difference between Multistep and regular Recorded explore, refer to Recorded explore. To activate Multistep: For each uploaded recording, click the expand icon next to the file name and switch the Advanced: Activate "Multistep" option to On.
Select how to use the file	Use both recorded and automatic explore stages for comprehensive testing AppScan 360° runs its own automatic explore stage to discover the application. It tests the application based on both these results and the traffic file you uploaded. Analyze and test only the recorded explored data AppScan 360° treats the uploaded file as the Explore stage for the scan. It analyzes and creates tests for the recorded traffic only, and then tests it. There will be no automatic Explore stage.

Schedule:


Setting	Options
Scan now	Your scan runs as soon as set up and review are complete.
Save for later	Your configuration is saved when completed. You can run the scan later.
Schedule	Your configuration is saved, and one or more scans run as configured: Select a date and time. Enter these according to the time zone configured on your machine, but note that times will be converted to UTC when displayed in the user interface. To run the scan more than once, select the Repeat, and then choose: Daily, and select a daily interval (1-30 days) Weekly, and select which day, or Monthly, select a monthly interval, and then select which numerical day of the month, or which weekday of the month (first, second, third, fourth, last). Note: If the maximum number of concurrent scans are running when the scheduled time arrives, the scan starts as soon as allowed by your subscription. Set the End date (the last date a scan will run), or click Remove end date to have the schedule run indefinitely.

Scan options:
In the Scan options panel, you can:
- Elect to run the scan as a Personal scan.
- Elect to receive an email when the scan is complete.
Summary:

Edit the name of the scan, if desired, and review the settings selected for the scan. Click back to previous panels to make adjustments if needed.
Click Scan.

Results

The new scan is added to the Scans view with its starting time, and a progress bar indicates that the scan is running. When the scan is complete the progress bar closes, the results are summarized in a graph, and (if selected) you receive an email notification. See Results.