This section outlines a typical ASoC workflow for an authorized user with a valid subscription.

Table 1. Typical workflow
What Where Details

Create application

My Applications > Create App button

Scans are sorted in ASoC in applications, so you first create an application in which to run your scans. One application can contain a combination of several scans, and types of scan (DAST | SAST | IAST), of one or more sites/apps. See Working with applications.

Create AppScan Presence

AppScan Presences > Create Presence button

(Optional) If the site you are scanning is not accessible from the internet, you must install an AppScan Presence on your machine, with access to the web app or back-end server, and to the Internet. See Creating the AppScan Presence.

Create Scan My Applications > App > Create Scan button Open the wizard to configure a Scan. Options are Dynamic (DAST), Static (SAST), and Interactive (IAST). See Scanning and monitoring.
Review Results