DAST workflow
Overview of steps for dynamic analysis scanning.
The general steps for performing dynamic analysis are as follows. Additional steps may be required to meet your scanning goals.
Note: Users must be assigned an appropriate role to perform
dynamic analysis functions. If you are unsure whether your user role has appropriate
permissions, consult your organization's Administrator.
- Create an application.
- Depending on whether you are scanning a public
site or private site:
- Public site: verify the domain
- Private site: install and configure AppScan Presence
- Create and configure a scan
Creating a scan may include:
- Uploading a recorded login
- Uploading a template file
- Uploading a scan file
- Run the scan.
- Review results.
- Triage and remediate issues.
- Repeat steps three through six as needed.