Complete

AppScan is now configured as a recording proxy for your device to send requests to the application. You are now ready to start your Manual Explore of the application.

About this task

You can proceed to explore the service immediately, or close the wizard and explore later.

Procedure

  1. Select:
    • Start recording now, or
    • I will record later
    Then click Finish.
    • Start recording now: The External Traffic Recorder opens with a status message indicating that it is connected to your device.
    • I will record later: The wizard closes. When you are ready to record, click Manual Explore to start the External Traffic Recorder.
  2. With the External Traffic Recorder open with status "Waiting for incoming connections", manually explore the web service from your client. As you explore, domains detected are listed in the left pane of the traffic recorder, and requests in the right pane. When finished, click Stop Recording.
    Note: If the traffic does not appear in the recorder, see Postman and SoapUI troubleshooting.
  3. Review the Manual Explore data and in the left column select the domains you want included in the scan.
    Tip: If the total number of requests is more than 200, deleting some of them may produce a more efficient scan.
    Note: At this stage you can click Export to save the Explore data for use on another machine.
  4. Click Save to close the traffic recorder.
    AppScan analyzes the explore data and prepares tests to send. When this is completed, you can start the Test stage.
  5. To start the Test stage of your scan, click Scan > Test Only