Scan Configuration Wizards
You can quickly configure basic scans using the wizards.
The Scan Configuration Wizards are the simplest way to configure and start a scan when you do not need to change many of the default options. However, if you need to change advanced options, you may prefer to use the Scan Configuration Dialog Box.
The wizard gives you access to the most common configuration options, the main difference being the way the options are arranged. (In both the table below and the sections following, cross-references to options that are the same in both the wizard and the dialog box point to the dialog box section of this guide.)
Scan type | Description |
---|---|
Scan web application | Scan an application, using AppScan to
explore automatically and/or manually, and then test automatically. Select this option for most web application scans. The application is explored manually and/or automatically with requests sent from AppScan to the application. |
Scan web service | Select this option for most web service scans. |
Scan using external client | Use an external device/client (with AppScan as recording proxy). Select this option to use AppScan's External Traffic Recorder as a recording proxy, and manually explore RESTful or other non-SOAP web services - or SOAP services that do not require security envelopes - using a mobile phone, simulator, or emulator. AppScan displays the domains and requests in its External Traffic Recorder, and create appropriate tests from the input. |
Incremental scan | Run an Incremental scan. Select this option to save scan time by scanning only the new or changed parts of your application. |
Additional methods for exploring web services
Scan type | Description |
---|---|
Generic Service Client (WSDL) | Select this option for web services with a WSDL file. Generic
Service Client (GSC) uses your web service's WSDL file to display
a simple interface showing the services available, and lets you enter
parameters and view the results. Use the GSC interface to explore
your web service manually, so that AppScan can use your input
to create appropriate tests. Note: This option is only available if GSC (Generic Service Client) is installed on your
machine. To download it, click Scan > GSC > Download
GSC. |
Web Services Wizard extension | This extension lets you scan using Open API description files (JSON and YAML). It is available from Tools > Extensions > Web Services Wizard (Open API), and the extension is enabled by default. |