DAST workflow
Overview of steps for dynamic analysis scanning.
The general steps for performing dynamic analysis are as follows. Additional steps may be required to meet your scanning goals.
Note: Users must be assigned an appropriate role to perform
dynamic analysis functions. If you are unsure whether your user role has appropriate
permissions, consult your organization's Administrator.
- Create an application.
- Depending on whether you are scanning a public site or private site:
- Public site: verify the domain or manage the domain based on your subscription
- Private site: install and configure AppScan Presence
- Create and configure a scan using one of the following methods:
- Scan a web application
- API scan
- Scan from file: from template file
- Scan from file: from scan file
- Run the scan.
- Review results.
- Triage and remediate issues.
- Repeat steps four through six as needed. Repeat steps three through six as needed.