System requirements and version support

System requirements and supported operating systems and languages for the ASoC analyzers. Also learn about the supported browsers and minimum resolution for the service.

AppScan on Cloud EU domain changes

The default domain for the AppScan on Cloud EU instance has changed to eu.cloud.appscan.com from cloud.appscan.com/eu. The old domain will temporarily redirect to the new one. Update any bookmarks or embedded URLs in the documentation or webpages soon.

Important update related to AppScan on Cloud IP ranges.

The IPs for both the AppScan on Cloud US-based service and the EU-based service has changed. The service continues to be hosted in Microsoft Azure DataCenters in the US and Germany.

It is important that your organization updates your firewall rules to ensure the relevant IPs provided in the Allowlist section are not blocked.

Allowlist

ASoC uses specific IP ranges for both incoming and outgoing connections on port 443. It's important to ensure these IP addresses are not blocked by your firewall:
  • North America data center: 4.152.146.92, 4.152.146.110, 20.57.85.61
  • Western Europe data center: 4.182.90.213
Important: In addition, it's crucial to have access to the domains: cloud.appscan.com or eu.cloud.appscan.com.

The IP addresses for these domains are managed by Azure and might change over time. Therefore, it's important to add the domains themselves to your allowlist. If you're unable to add the domains directly, you can manually add the IP addresses. To do this, download the file from Azure IP Ranges and Service Tags – Public Cloud and include only the IP ranges listed under the AzureFrontDoor.Frontend section.

ASoC also uses specific domains for Azure blob storage when downloading reports or tools from the cloud:
  • North America data center: asoceapusstorage.blob.core.windows.net
  • Western Europe data center: asoceapdestorage.blob.core.windows.net
Note: The IP addresses for these domains are also managed by Azure and could change, so it's best to add the domains themselves to your allowlist.

For more information about data centers, see Data center selection.

For certain security tests, such as DAST Command Execution and Remote File Inclusion, including tests for the Log4j vulnerability, the server being tested must be able to send DNS lookup queries to:
  • securityip.appsechcl.com

ASoC analyzers

Requirements and limitations:

Browser

ASoC supports the latest versions of the following browsers:
  • Chrome
  • Edge
  • Firefox
  • Safari (Mac only)

Screen resolution

The recommended screen resolution for ASoC is 1920 x 1080.

Login requirements

  • If login to your site or app requires credentials other than username and password, you can supply these when setting up the scan, but note that intervention by our Support team will be required to run the scan, which may increase scan time.
  • CAPTCHA is not supported. You must disable any CAPTCHA mechanism in order to scan.

AppScan Presence