Step 1: Configuring the scan
About this task
The Scan Configuration Wizard provides an easy way to configure a scan, when you do not need to change many of the default configuration settings.
Procedure
-
On the home screen click Web applications or, click File
> New > Web application scan.
The URL and Servers step of the wizard opens.
-
Enter the URL of your application in the text box.
AppScan attempts to connect to the server, and the green Connected to server messages appears when this succeeds.
-
Click Next.
The Login Management step appears, with the Recorded radio button selected.
-
Click Record, and select the Chromium browser.
The browser opens to the starting URL that you defined in the previous step. Your browsing is now being recorded by AppScan.
- Log into your application with an authorized username and password.
- When you have successfully logged-in, close the browser.
The "Login Sequence" (the sequence of links that achieved the logged-in state) is displayed (see Record login with a browser for more details), and the gray key icon turns green, indicating that in-session detection is active.
This: changes to this:
- Click Next.
The Test Policy step appears, with the Default policy selected.
-
Click Next.
The Test Optimization step appears.with the Fast option selected.
- Click Next.
The final step of the wizard appears. You are now ready to run the scan (see Step 2: Running the scan).
Note: Although it is possible to start the automatic scan at this stage, in many cases a better result will be achieved by manually exploring the application first, as a regular user would (see Using a browser).